In what was clearly an attempt to distract Mac users from hammering the Apple Store while pre-ordering the iPhone 4, Apple last week shipped Mac OS X 10.6.4 to fix a variety of bugs and security vulnerabilities, and to ensure that everyone running Mac OS X 10.6 Snow Leopard upgrades to the included Safari 5. It's difficult to summarize the changes, since most of the bugs fixed are pretty specific. Apple says that the Mac OS X 10.6.4 Update:

• fixes a bug that could cause the keyboard or trackpad to become unresponsive
• fixes a bug that could cause some Adobe Creative Suite 3 applications from opening
• resolves various issues related to copying, renaming, and deleting files on SMB file servers
• improves reliability of VPN connections
• solves a problem related to playback in DVD Player when using Good Quality deinterlacing
• fixes a problem with Parental Controls Time Limits for Open Directory or Active Directory users
• fixes a bug that could cause the right speaker to sound louder than the left speaker in the MacBook Pro (Early 2010)
• resolves a display sleep issue with the MacBook Pro (Early 2010)
• improves compatibility with some Braille displays
• resolves pairing issues with Apple remotes
• eliminates noise when using some third-party FireWire audio devices

A few issues relate specifically to digital photography, so the update also:

• adds raw image compatibility for more digital camera models [1]
• resolves an issue related to editing photos in full screen view in both iPhoto and Aperture
• provides tethered shooting support for more digital cameras in Aperture 3
• addresses IPTC metadata compatibility issues in Aperture 3
• resolves an issue with using third-party USB webcams

Security -- On the security side, Mac OS X 10.6.4 eliminates 23 separate vulnerabilities, including problems in CUPS (Mac OS X's printing system), Mac OS X's handling of symlinks, iChat, image handling, Kerberos, URL handling, Open Directory, Ruby, the SMB file server, and - in Mac OS X Server - SquirrelMail and Wiki Server. These fixes are also available for Mac OS X 10.5.8 Leopard in Security Update 2010-004 (Leopard-Client) [2] and Security Update 2010-004 (Leopard-Server) [3].

A few things jumped out at us from the security notes [4]. Most notably, the Mac OS X 10.6.4 Update includes Flash Player 10.0.45.2, which is itself significantly vulnerable, so if you haven't yet installed Flash Player 10.1.53.64, do so manually after updating to 10.6.4 (for more details, see "Adobe Flash Player 10.1.53.64 Blocks 32 Security Holes [5]," 11 June 2010). Luckily, it appears that Apple's delta installer does not overwrite the later Flash Player if you've already installed it. However, as our friend John Baxter discovered, the combo updater can install the older Flash Player over a newer version, so if you use the combo updater, be sure to check your Flash Player version after updating and reinstall manually if necessary.

Also, Apple describes a problem that has apparently existed for some time in Leopard and Snow Leopard, but is now fixed. "When 'Apply to enclosed items...' is selected in the Get Info window in the Finder, the ownership of the enclosed items is not changed. This may cause the enclosed files and folders to have unexpected permissions. This issue is addressed by applying the correct ownership." This comment is somewhat distressing, and if you've changed permissions for enclosed items via the Get Info window recently, you might wish to check to make sure the ownership is what you want it to be.

Snow Leopard Server -- In addition to the general fixes in the desktop version, Mac OS X Server 10.6.4 features its own collection of improvements, including fixes for:

• CalDAV querying of email addresses with Active Directory and Open Directory servers
• stability and reliability when accessing Wiki Server pages
• viewing movies on Wiki Server with Safari on iPad
• accessing public wikis when logged in to the Wiki Server
• listing blogs on Wiki Server
• vacation mail notices that span multiple days
• updates from Software Update Server being viewable by clients
• stability and reliability related to Software Update Server synchronization
• downloading of software updates by Software Update Server
• creating NetInstall images that include iLife updater packages

Downloading -- The specificity of these bug fixes means that you shouldn't necessarily hurry to download and install Mac OS X 10.6.4 until early adopters have had a chance to determine if there are any problems lurking in the release. Or, of course, unless you're experiencing one of the bugs that 10.6.4 addresses!

As usual, Mac OS X 10.6.4 is available in a variety of packages, including a special one for the just-released Mac mini (Mid 2010) that fixes some problems on that machine related to graphics compatibility and performance, and improves compatibility with large-format SDDXC memory cards.

• Mac OS X 10.6.4 Update [6] (the "delta" updater): 607.21 MB
• Mac OS X 10.6.4 Update (Combo) [7]: 887.37 MB
• Mac OS X 10.6.4 Update Mac mini (Mid 2010) [8]: 403.38 MB
• Mac OS X Server 10.6.4 Update [9] (the "delta" updater): 615.60 MB
• Mac OS X Server 10.6.4 Update (Combo) [10]: 1.05 GB
• Mac OS X Server 10.6.4 Update Mac mini (Mid 2010) [11]: 411.72 MB

[1]: http://support.apple.com/kb/HT3825
[2]: http://support.apple.com/kb/DL1052
[3]: http://support.apple.com/kb/DL1053
[4]: http://support.apple.com/kb/HT4188
[5]: http://db.tidbits.com/article/11345
[6]: http://support.apple.com/kb/DL1049
[7]: http://support.apple.com/kb/DL1048
[8]: http://support.apple.com/kb/DL1054
[9]: http://support.apple.com/kb/DL1050
[10]: http://support.apple.com/kb/DL1051
[11]: http://support.apple.com/kb/DL1055

Permanent article URL: http://db.tidbits.com/article/11356
This is a specially formatted version of this TidBITS article that removes colors, and optionally removes images; it's designed to minimize the use of ink and paper.
Unless otherwise noted, this article is copyright © 2010 TidBITS Publishing, Inc.. TidBITS is copyright © 2008 TidBITS Publishing Inc. Reuse governed by this Creative Commons License: http://www.tidbits.com/terms/.