On TV.com: Spam Emailing 30 ROCKs Judah Friedlander
BNET Business Network:
BNET
TechRepublic
ZDNet

March 19th, 2008

Security update breaks printer drivers, Instant Hijack component

Posted by David Morgenstern @ 10:46 am

Categories: Security, Software Update

Tags: SSH, Printer Driver, Discussion Board, Instant Hijack, Leopard, PIE, Printers, Security, Hardware, Peripherals

Discussion boards are breaking with reports of SSH and printer problems caused by Apple’s late Tuesday release of Mac OS X’s Security Update 2008-002. However, fixes can be had.

Rogue Amoeba Software released a compatibility fix for its Instant Hijack component that is often installed by the company’s Airfoil, Audio Hijack Pro, and Nicecast applications. The problem causes SSH and other programs crash on Leopard machines.

The company suggested users to download the updates to its programs.

So, what caused this issue? This was due to a bug in Instant Hijack and is related to a new security feature in Leopard called position-independent executables (PIE). PIE is related to address space layout randomization. The basic effect is to move programs such as ssh to a different place in memory each time they start, making it more difficult for an attacker to exploit them.

Position-independent executables were available in Leopard from the start, and Instant Hijack was written to take them into account. However, nothing on the system actually used this facility when Leopard shipped. That changed with Security Update 2008-002, which includes a copy of ssh and related utilities which were compiled using PIE. At that point, we discovered that Instant Hijack’s PIE support didn’t work correctly.

Instant Hijack’s PIE support expected the program to be loaded at a random address. However, Leopard’s PIE implementation loads a program’s executable code into memory, and then moved it to a new, random address. Instant Hijack briefly inspects each process as it launches, in order to catch those that produce audio. On something like ssh, it exits very early, but that was enough to cause an issue here. Instant Hijack was left looking for the executable code in the original but since-vacated spot, and this triggered a crash.

On Apple’s discussion boards users also complained that printing had stopped after installing the security patch. (Another reason to always backup before installing any system update.) Readers said repairing permissions didn’t help.

Some users said deleting the /usr/libexec/cups/filter/pstops file (or replacing it from a backup) also worked.

Some readers said that reinstalling the Combo 10.5.2 Updater also worked.

David MorgensternDavid Morgenstern has covered the Mac market and other technology segments for 20 years. See his full profile and disclosure of his industry affiliations.


Email David Morgenstern

Subscribe to The Apple Core via Email alerts or RSS.

  • Talkback
  • Most Recent of 141 Talkback(s)
OMG. Stop the presses!
These patches wheren't perfect, like the rest of the entire Apple hardware and software portfolio?

I never thought I'd see the day...... (Read the rest)
Posted by: Dauplat Posted on: 03/31/08 You are currently: a Guest | | Terms of Use
First rule of thumb for anyone OSX or Windows  James Quinn | 03/19/08
True of all OSs and Apps. (nt)  No_Ax_to_Grind | 03/19/08
If Everybody took your advice  Real World | 03/19/08
Sometimes one has to step up and be that dummy...  zkiwi | 03/19/08
I'll be first.  msalzberg | 03/19/08
No Problem Here  DannyO_0x98 | 03/19/08
Nor Here  galley | 03/20/08
My guess would be  frgough | 03/20/08
It's all freakin' horseshot  fr0thy@... | 03/19/08
Nitwits  garry_k@... | 03/19/08
That's true of most Apple fanboys  hasta la Vista, bah-bie | 03/20/08
Fool!  joethemacfan | 03/20/08
Guess you forgot to read the article.  zachschi@... | 03/20/08
you can read that 2 ways  Paul Fletcher | 03/20/08
Goodt point  jimk_z | 03/20/08
Not strange just human nature...  James Quinn | 03/21/08
Not all true  blackjack861@... | 03/21/08
Hmmmm I don't think much of our list  James Quinn | 03/22/08
Also  blackjack861@... | 03/22/08
What's the point?  Richmedia | 03/21/08
RE: Security update breaks printer drivers, Instant Hijack component  ebmarquez | 03/19/08
Difference being....  Spiritusindomit@... | 03/20/08
how odd!  Paul Fletcher | 03/20/08
The patch to patch the patch for the patch that patched the last patch  NonZealot | 03/19/08
They are emulating Windows more and more  deaf_e_kate | 03/20/08
True  Rude Union | 03/20/08
We're Happy that You're Happy  philpenn | 03/20/08
Once again....  An Apple a Day | 03/20/08
Is that like your boyfriend...  Spiritusindomit@... | 03/20/08
hahahahahahah  philpenn | 03/20/08
Hmmm.....never had that happen.....  An Apple a Day | 03/20/08
Non-Zealot? and his patches  dschlegel@... | 03/20/08
hmm  Badgered | 03/20/08
you won't jump  Paul Fletcher | 03/20/08
Jump?  blackjack861@... | 03/21/08
Of course not...  hasta la Vista, bah-bie | 03/20/08
c'mon wake up  Paul Fletcher | 03/20/08
From TUAW.com...  msalzberg | 03/19/08
Says a lot for OS X!!  NonZealot | 03/19/08
Says very little about you  zkiwi | 03/19/08
Says a lot about you.  msalzberg | 03/19/08
Actually, it says a lot about "NonZealot"  the_doge | 03/20/08
Maybe he doesn't like fanboys  hasta la Vista, bah-bie | 03/20/08
NonZealot is stupid  bmerc | 03/20/08
Are you guilty of something  hasta la Vista, bah-bie | 03/21/08
If he didn't like fanboys....  themusicmanrk | 03/20/08
Says a lot about you...  msalzberg | 03/20/08
Says you  hasta la Vista, bah-bie | 03/21/08
Sorry, did I bother you at recess?  msalzberg | 03/21/08
Am I hearing an echo?  hasta la Vista, bah-bie | 03/21/08
What is wrong with a fan?  James Quinn | 03/21/08
I like fans  tikigawd | 03/21/08
b8375629: You have to repeat yourself a lot  tikigawd | 03/21/08
happy - No wonder deprogramming is tough  hasta la Vista, bah-bie | 03/22/08
The term "fanboy" has been soiled  tikigawd | 03/21/08
Contrast this  Michael Kelly | 03/19/08
And a few other SP1 problems  Ken_z | 03/19/08
There's nothing specific listed  Michael Kelly | 03/19/08
If you had read the comments ...  ShadeTree | 03/20/08
ken these are the same issues not more and the fact is.  SO.CAL Guy | 03/20/08
Can't get Macbook Pro AirPort to Connect via WPA  Uber Dweeb | 03/19/08
Solve the problem ...  MisterMiester | 03/19/08
Would be easy...  Uber Dweeb | 03/20/08
sounds like you need a pro...  doh123 | 03/20/08
Not all models are responding the same way.  Uber Dweeb | 03/20/08
Fixed it!  Uber Dweeb | 03/20/08
How many kids use Macs at your school?  tikigawd | 03/21/08
Postscript handling issues not drivers ...  MisterMiester | 03/19/08
This must be a joke...right?  ye | 03/19/08
I'm so humbled...  zkiwi | 03/19/08
There was no misquoting.  ye | 03/20/08
So Close  philpenn | 03/20/08
Dead on target!  ye | 03/20/08
Maybe you need...  zkiwi | 03/21/08
Over the years we Mac users have learnt patience  James Quinn | 03/19/08
LOL! Nice Spin Jim!  ye | 03/20/08
Nope just basic martial arts.....  James Quinn | 03/20/08
Nice try - LOL  hasta la Vista, bah-bie | 03/20/08
Yep, guess you ARE stupid too.  bmerc | 03/20/08
Is that another stupid question from a guilty fanboy  hasta la Vista, bah-bie | 03/21/08
Technically I don't think I did blame Windows...  James Quinn | 03/21/08
Keep spinning...  hasta la Vista, bah-bie | 03/22/08
What do you mean by "May just win?"  James Quinn | 03/22/08
You've won absolutely nothing  hasta la Vista, bah-bie | 03/22/08
Nice diversion!  ye | 03/20/08
Oh I don't know.....  James Quinn | 03/21/08
I can imagine  Spiritusindomit@... | 03/20/08
Man did you get ripped off....:P  James Quinn | 03/20/08
RE: Security update breaks printer drivers, Instant Hijack component  gfeier | 03/19/08
Security Update  Starman35 | 03/20/08
Backup  kmurray723@... | 03/19/08
That would depend...  zkiwi | 03/19/08
I think it's intentional...  fde101 | 03/20/08
Footnote  fde101 | 03/20/08
Meanwhile, Vista SP1 installed effortlessly for me.  Scrat | 03/20/08
I think the same can be said for this OSX update  James Quinn | 03/20/08
both vista sp1 and the osx update installed with no issues for me to  SO.CAL Guy | 03/20/08
Pull the other leg, it does tricks...really.  Mercat | 03/20/08
Actually I do, but I was talking about my home PC's  Scrat | 03/20/08
How?  cashaww | 03/20/08
Hmmm.....  cashaww | 03/20/08
Touchy, aren't you! Go out and get some air. The patching can wait wink  Scrat | 03/20/08
Did anyone actually read this article?  scott.feier@... | 03/20/08
completely valid  coffeeshark | 03/20/08
I prefer "Oh how the mighty have fallen (again!)", but either will do!  Scrat | 03/20/08
THANK YOU!!  dschlegel@... | 03/20/08
Probably not  labarker | 03/20/08
It's a Trojan  BALTHOR | 03/20/08
Well, better than...  iMouse | 03/20/08
Oh horrors...  Bob in Atlanta | 03/20/08
Here are the problems in a nutshell  MisterMiester | 03/20/08
sorry...  cashaww | 03/20/08
But...  Bob in Atlanta | 03/20/08
I disagree  Badgered | 03/20/08
Right on, Badgered!  thinker999 | 03/20/08
Not even close ...  MisterMiester | 03/20/08
Unix Specification  MisterMiester | 03/20/08
Not Unix  jimk_z | 03/20/08
People can't read, can they?  MisterMiester | 03/21/08
Correction  MisterMiester | 03/21/08
RE: Security update breaks printer drivers, Instant Hijack component  MBRIANT@... | 03/20/08
A..  cashaww | 03/20/08
Secure Shell  MisterMiester | 03/20/08
Firecracker Vs. Atom Bomb  Davewrite | 03/20/08
Try not to use Windows as an excuse for Apple hosing their own system  hasta la Vista, bah-bie | 03/20/08
Comparisons Important  Davewrite | 03/20/08
Ah, the spin, the spin, the spin...  hasta la Vista, bah-bie | 03/20/08
How about actually contributing...  bmerc | 03/20/08
How about not being an uncritical slave...  hasta la Vista, bah-bie | 03/21/08
Problem is....  James Quinn | 03/22/08
No, the problem really is...  hasta la Vista, bah-bie | 03/22/08
RE: Security update breaks printer drivers, Instant Hijack component  Sir_bobbyuk | 03/20/08
Bug proof software is a myth...  Narg | 03/20/08
I disagree!  Crestview | 03/20/08
I have a great idea!  Crestview | 03/20/08
The sky is falling? I think not.  TCollinsG3 | 03/21/08
RE: Security update breaks printer drivers, Instant Hijack component  nmsmith | 03/21/08
RE: Security update breaks printer drivers  serenitylodge@... | 03/21/08
RE: Security update breaks printer drivers, Instant Hijack component  blackjack861@... | 03/22/08
No such issue here  John Musbach | 03/26/08
OMG. Stop the presses!  Dauplat | 03/31/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline