Full Screen Quick Look in Snow Leopard
When viewing files in the Finder in Snow Leopard, instead of pressing just the Space bar to enter Quick Look, press Option-Space to display the selected document in full-screen Quick Look, expanding the preview and hiding everything else that would otherwise remain visible.
Submitted by
Doug McLean
Recent TidBITS Talk Discussions
- Alternatives to MobileMe for syncing calendars between iPad/Mac (1 message)
- Free anti-virus for the Mac (20 messages)
- iTunes 10 syncing iPod Touch 4.1 (2 messages)
- Thoughts about Ping (16 messages)
Published in TidBITS 857.
Subscribe to our weekly email edition.
- Last Call for Holiday 2006 Gift Ideas
- Zune Zingers with Andy Ihnatko
- PopChar X 3.1 Adds Pages Support
- Parallels Desktop Ups the Ante
- Magellan RoadMate 3000T/6000T Heads Downhill
- Take Control News/04-Dec-06
- Hot Topics in TidBITS Talk/04-Dec-06
Apple Patches AirPort Card Driver Flaws
Apple patched a security flaw in the drivers for the company's original AirPort card last week. Among other fixes, Security Update 2006-007 for Mac OS X 10.3.9 and 10.4.8 corrects a flaw that could enable a nearby attacker to cause a kernel panic and crash a Mac in the right set of circumstances. Apple warned that this attack could potentially deliver a software payload that would run without interference on the attacked computer - a state known as arbitrary code execution. We wrote about this exploit last month ("Another Minor AirPort Vulnerability Exposed," 2006-11-06), at which point the exploit's discoverer only suggested that a payload was possible. A host of other flaws were also patched.
Six unique updaters are available: one each for 10.3.9 client and server, 10.4.8 PowerPC client and server, and 10.4.8 Intel client and server. Software Update identifies the correct one for your Mac.
The AirPort flaw was triggered if an AirPort card, signaling it was interested in knowing what networks were available in the vicinity, received a carefully crafted response that mimicked how access points announce their name and other details. The patch validates those responses to avoid triggering an error. Keep in mind that the vulnerability affects only the original AirPort card, which was included with Macs released from 1999 to 2002, and was sold as late as 2004 for those Macs. AirPort Extreme cards, which work with models introduced starting in January 2003, have drivers that aren't affected by this particular flaw. (The few users of Mac OS X 10.2 and earlier have been ignored for AirPort card updates for at least a couple of years now.)
Security Update 2006-007 mostly patches flaws that are triggered by local users with physical access to the computer, although a few weaknesses could be exploited by remote users. For instance, a flaw in the FTP server built into Mac OS X could enable a remote user to figure out which users have valid accounts on the attacked computer. And an error in how Samba (Windows file sharing) handles incoming requests could have enabled an attacker to break access to the service.
One significant flaw, now patched, could have crashed or exploited Mac OS X when Safari visited a Web site that had a maliciously crafted Web page. The flaw was in WebKit, the underlying system-wide software used for HTML rendering and handling that's used in Safari and many third-party applications. The fix now parses documents correctly. Oddly, the description of this problem is identical to that used in Security Update 2006-004 released on 01-Aug-06.
editing PDFs; TextExpander for saving time and keystrokes while you
type; DiscLabel for designing CD/DVD labels and inserts. Free demos,
fast and friendly customer support. <http://www.smilesoftware.com/>