The Apple Core

Jason D. O'Grady & David Morgenstern
Home / News & Blogs / The Apple Core

Security update breaks printer drivers, Instant Hijack component

By | March 19, 2008, 10:46am PDT

Discussion boards are breaking with reports of SSH and printer problems caused by Apple’s late Tuesday release of Mac OS X’s Security Update 2008-002. However, fixes can be had.

Rogue Amoeba Software released a compatibility fix for its Instant Hijack component that is often installed by the company’s Airfoil, Audio Hijack Pro, and Nicecast applications. The problem causes SSH and other programs crash on Leopard machines.

The company suggested users to download the updates to its programs.

So, what caused this issue? This was due to a bug in Instant Hijack and is related to a new security feature in Leopard called position-independent executables (PIE). PIE is related to address space layout randomization. The basic effect is to move programs such as ssh to a different place in memory each time they start, making it more difficult for an attacker to exploit them.

Position-independent executables were available in Leopard from the start, and Instant Hijack was written to take them into account. However, nothing on the system actually used this facility when Leopard shipped. That changed with Security Update 2008-002, which includes a copy of ssh and related utilities which were compiled using PIE. At that point, we discovered that Instant Hijack’s PIE support didn’t work correctly.

Instant Hijack’s PIE support expected the program to be loaded at a random address. However, Leopard’s PIE implementation loads a program’s executable code into memory, and then moved it to a new, random address. Instant Hijack briefly inspects each process as it launches, in order to catch those that produce audio. On something like ssh, it exits very early, but that was enough to cause an issue here. Instant Hijack was left looking for the executable code in the original but since-vacated spot, and this triggered a crash.

On Apple’s discussion boards users also complained that printing had stopped after installing the security patch. (Another reason to always backup before installing any system update.) Readers said repairing permissions didn’t help.

Some users said deleting the /usr/libexec/cups/filter/pstops file (or replacing it from a backup) also worked.

Some readers said that reinstalling the Combo 10.5.2 Updater also worked.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “The Apple Core”

Topics

SSH, Printer Driver, Discussion Board, Instant Hijack, Leopard, PIE, Printers, Security, Hardware, Peripherals, David Morgenstern

David Morgenstern has covered the Mac market and other technology segments for 20 years.

Disclosure

David Morgenstern

Freelance journalist/blogger David Morgenstern has nothing to disclose.

Biography

David Morgenstern

David Morgenstern has covered the Mac market and other technology segments for 20 years. In the recent past, he founded Ziff-Davis' Storage Supersite, served as news editor for Ziff Davis Internet and held several executive editorial positions at eWEEK. In the 1990s, David was editor of Ziff Davis' award-winning MacWEEK news publication as well as its successor title, eMediaWEEKly, which focused on multiplatform professional content creation. His byline can be found online and in print publications including CreativePro.com, Peachpit Press' Mac Bible and Popular Photography.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
142
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Security update breaks printer drivers, Instant Hijack component
tomlin21-24319035676893835085146735905770 11th Oct
Hi there, Exceptional career inside of the weblog blog, it appears stunning. I'm very likely to bookmark it and will be sure to take a look at nfljersey often
View in thread
0 Votes
+ -
First rule of thumb for anyone OSX or Windows
James Quinn 19th Mar 2008
Let someone else be the test dummy...:P I usually try to keep
to this. Never by the first generation of a new hardware
product like say the iPhone. Never install a new OS first let
some others break the ground for you and never install
updates or patches right off the bat. I can't tell you how
many times over the years this has caused problems in both
departments the MAC and Windows PCs.

Pagan jim
0 Votes
+ -
True of all OSs and Apps. (nt)
No_Ax_to_Grind 19th Mar 2008
.
0 Votes
+ -
If Everybody took your advice
Real World 19th Mar 2008
If everybody took your advice, no one would ever buy anything... happy
0 Votes
+ -
Sometimes one has to step up and be that dummy...
zkiwi 19th Mar 2008
However, if you do it wisely (and have the capability to do it) then doing your own trials before deployment usually work out well.

However, if you're just on your own, then waiting is a good idea unless there's some major and compelling force driving you to patch and hope for the best.
0 Votes
+ -
I'll be first.
msalzberg 19th Mar 2008
I never hesitate to update anything.

Just to let you know, I've had no problems with my intel mini,
my G5 iMac, or my G4 iBook.

On the other hand, I don't use SSH, except to quiet people in
theaters.
0 Votes
+ -
No Problem Here
DannyO_0x98 19th Mar 2008
Ditto here, and I can add that I just tested ssh to connect
back home.
0 Votes
+ -
Nor Here
galley 20th Mar 2008
Installed the OS X security update and Safari 3.1 update on my MacBook (Intel Core 2 Duo, OS X 10.5.2) and my trusty old iMac G4 800 (OS X 10.4.12, IIRC), and have seen no problems with either.
0 Votes
+ -
My guess would be
frgough 20th Mar 2008
that the people with SSH and printing problems swapped out
the SSH and CUPS components that came with OS X with
"better" UNIX versions.
0 Votes
+ -
It's all freakin' horseshot
fr0thy@... 19th Mar 2008
Get off your posterior and, if you can't do that, ask a friend what to do to fix it - maybe get them round and enjoy a bottle of wine at the same time. Computing cannot keep pandering to the nitwits.
0 Votes
+ -
Nitwits
garry_k@... 19th Mar 2008
On the other hand not everybody can be a "tape on the glasses""pens in the pocket" nerd who doesn't have patience for the everyday ordinary non-tecnical user. These things should be worked out (read: done right) before they are dumped on the unsuspecting public. When you look at the size of this update, we sure know now that this OS wasn't as rosy as everybody was saying. There are a ton of problems.
0 Votes
+ -
That's true of most Apple fanboys
hasta la Vista, bah-bie 20th Mar 2008
They can barely get their email let alone turn the machine on.
0 Votes
+ -
Fool!
iPad-awan 20th Mar 2008
OSX just works!
0 Votes
+ -
Guess you forgot to read the article.
zachschi@... 20th Mar 2008
.
0 Votes
+ -
you can read that 2 ways
Paul Fletcher 20th Mar 2008
just works as in barely would be my take happy
0 Votes
+ -
Goodt point
jimk_z 20th Mar 2008
Well said. Although I am getting a bit of a laugh out of the whole security issue thing popping up with OSX. I got so tired of hearing people talking about Apple OS like it was somehow magically invulnerable. Hard lessons to be learned. Most Apple users I know take no precautions whatsoever to secure their machines. No Virus checking nothing.
0 Votes
+ -
Not strange just human nature...
James Quinn 21st Mar 2008
We in the United States have never suffered a serious
attack on us on our own shores. There were some but for
the most part they were either very small or failed
miserably. Now came 9\11 and it was so easily avoidable.
We did not have to listen or spy on our own people to
avoid it. In the end all we needed was for the FBI and CIA
as well as other security organizations like perhaps the
NSA to have been in constant contact sharing info. That
and only a slight heightened level of awareness would have
prevented 9\11, One of the reasons I think things like the
Partriot Act, Phone taping and email snooping as well as
the war in Iraq were all and are all not needed.

You can't blame people for being lax when generations of
them had grown up not knowing what could be. Same
with Mac users it's not real till it happens for many. I only
hope that when it does Mac users will be more level
headed than our own government was after 9\11,,,sigh.

Pagan jim
0 Votes
+ -
Not all true
blackjack861@... 21st Mar 2008
After the 1972 Watergate break-in, in which CIA personnel were involved. Public confidence was diminished, leading to more legal restrictions, on the agency. Executive orders signed by Presidents Ford and Carter. Brought increased oversight of The agency. It seems some of the things used by the agency, such as torture, assassinations, attempted assassinations, lying, kidnapping, and so on. Was a little too distasteful for us civilized Americans. As a result, by the early 1990s, the U.S. intelligence community found itself so restricted that it could hardly conduct its operations. This fact hit home after the terrorist attacks of September 11, 2001, when it became apparent that a lack of human intelligence had contributed to the government's failure to foresee the attacks. Should I say more???http://www.espionageinfo.com/Ch-Co/CIA-Legal-Restriction.html
0 Votes
+ -
Hmmmm I don't think much of our list
James Quinn 22nd Mar 2008
Torture, assassination, nor kidnapping were needed to
prevent 9\11. As I understood the case simple
communication between various intelligence organizations
would have prevented it. That and a greater sense of
urgency which again is human nature at its worse. We are
often surprised by the unexpected even though in hind site
one MIGHT have known better. Still I am glad that in the
past and hopefully the future things like torture will be but
a sad and dark part of our history much like slavery. It was
not needed to prevent 9\11 nor has anyone shown that it
is needed after 9\11. At least to my satisfaction.

Pagan jim
0 Votes
+ -
Also
blackjack861@... 22nd Mar 2008
Do you realized, that the number of aircraft, that the terrorist could have hijacked. Was only limited by the number of suicide teams they had. They could have hijacked 50 aircraft. Because the gullible public was demanding, that the government.Do something about the long waits, because of security checks.The government threaten to fine the airlines. So the airlines as most companies will do. Ordered their personnel to speed up operations. So everything was sped up, and security became a joke.After 9-11, I haven't heard anything more, about the government fining the airlines for long waits, HAVE YOU????
0 Votes
+ -
What's the point?
Richmedia 21st Mar 2008
It gets pretty boring scanning my HD for
viruses, and coming up, multiple times, with
nothing, nada, zip.

I run no firewall beyond the built-in system
version, and no anti-virus soft. I am behind a
NAT router, which, other than a regular back-
up strategy, is all of the protection that I need.

Viruses are for Windows.
0 Votes
+ -
RE: Security update breaks printer drivers, Instant Hijack component
ebmarquez 19th Mar 2008
Sounds like Apple is pushing out a JAIL or Chroot system for OSX. It's a common way to run operation in a Unix environment when you don't trust your users. In the long run it sounds like the right thing to do but, it sucks to be broken.
0 Votes
+ -
Difference being....
Spiritusindomit@... 20th Mar 2008
This isn't a business environment, these are personal machines.
0 Votes
+ -
how odd!
Paul Fletcher 20th Mar 2008
I updated 2 desktops and a laptop to Vista SP1 yesterday - all three completed in less than the time promised. All three work, network access is a little snappier.

Oh well, I am sure it was some sort of undocumented feature designed to help the end user.....
0 Votes
+ -
The patch to patch the patch for the patch that patched the last patch
NonZealot 19th Mar 2008
Phew, as happy as I was yesterday that I didn't use OS X, I'm twice as happy now!! Likewise, I feel twice as bad for those who paid twice as much and got this sort of garbage quality. sad
0 Votes
+ -
They are emulating Windows more and more
deaf_e_kate 20th Mar 2008
as time moves on......

:o)
0 Votes
+ -
True
Rude Union 20th Mar 2008
I've got both where I work and at home. I would say 95 percent of all my problems come from Windows machines. It comes from a design perspective, where Windows's roots come from a complicated mess of code from way back in the early 90's, and the Mac OS is a clear and clean redesign in 2001. Then there's Windows attempts to steal the Mac's ideas with poor execution: Vista. If Vista was supposed to turn the tables on Windows complexity, they should fire the person who made decisions on interface, nested menu design, control panel structure, networking - don't get me started on their lame Windows networking, memory management, etc.
Sure the Mac OS isn't perfect, I've had my share of problems from time to time, but nothing on the scale and magnitude that Windows causes.
Did this patch affect me? No, so I can't complain. When you're working with vendors you're bound to come across problems. Fix them and move on. This is what I see happening here. It's far cry from Microsoft denying problems exist and doing nothing to correct them. Windows could have been so much better if only they continued with Windows XP's progression.
Whatever. Windows problems keep me and the whole IT industry employed. I guess we should be worried if Apple actually started making marked inroads into the corporate world. happy
0 Votes
+ -
We're Happy that You're Happy
philpenn 20th Mar 2008
I remember stories very much like this for Windows 95, 98, ME, 2K, and XP as they were patched and Service Packed. I experienced a few of them myself while using the OSes and being an MS apologist for years. I do not find anything out of the ordinary here other than the fact that OS X has turned out to be, well, ordinary.

I am also happy that you never invested in a Mac. I have switched and find my decision to go Mac instead of Vista absolutely fine. Go bash something you know about like a chutes and ladders game or a rule violation in Candy Land.
0 Votes
+ -
Once again....
An Apple a Day 20th Mar 2008
As happy as I was yesterday that you were not a MAC user, I'm twice as happy now! Likewise, I feel twice as bad that you haven't the pleasure of using a MAC, or your jaded opinion just might change (image that).
As a former Windows user, I am totally happy I made the switch.

"ONCE YOU GO MAC, YOU NEVER GO BACK!" wink
0 Votes
+ -
Is that like your boyfriend...
Spiritusindomit@... 20th Mar 2008
When he beats you and leaves you too scared to tell the police?
0 Votes
+ -
hahahahahahah
philpenn 20th Mar 2008
That was funny! Not bad for a six year old!
0 Votes
+ -
Hmmm.....never had that happen.....
An Apple a Day 20th Mar 2008
...to or by me. Is this a regular occurrence in your house? If so, then I can see a reason for you being so hostile. :-D
0 Votes
+ -
Non-Zealot? and his patches
dschlegel@... 20th Mar 2008
I find it funny that everyone is having so much fun with
this. First off Non-Zealot, you need to change your name
or at least look up the meaning of Zealot. As far as these
patches are concerned, having owned and operated a Mac
for more than 10 years and also having used Windows
based PC's for just as many years, I have found what
everyone is complaining about to be absolute bull.
Windows has updates which are also patches almost every
single day. Hundreds of them if you do a fresh install of XP
or any other version of Windows. Mac's however have had
few updates. I think in the last 2 years that I have been
running 10.4 I have had maybe 4 major updates. Woooo,
book the crucifixion march. No one is perfect, a
programmer will make an error. Have any of you ever
coded or programmed? Your talking about thousands,
hundreds of thousands and millions of lines of code! Yeah,
I can see a screw up happening. Nonetheless, Mac does
not have near the problems a Windows based PC has, but
we have to put up with it because it is the industry
standard. But that is not always the case either anymore.
More and more businesses are switching because of the
reliability and ease of use. We shall see what happens but I
for one, who has been loyal to Apple for as long as I can
remember, will not jump off the bandwagon just because
of a little issue like this.
0 Votes
+ -
hmm
Badgered 20th Mar 2008
Windows has updates which are also patches almost every single day.

Not true... Not even close.

Doesn't matter though, Updates are there to fix issues. I'd be more worried if Updates didn't happen no matter what OS we're talking about.

Now, when those updates break things such as Vista SP1 and this new one from Apple... well that can be a real problem.
0 Votes
+ -
you won't jump
Paul Fletcher 20th Mar 2008
until Steve says so - and then you will ask him how high happy
0 Votes
+ -
Jump?
blackjack861@... 21st Mar 2008
I wonder how high Steve Ballmer jump, when Bill Gates say JUMP!!
0 Votes
+ -
Of course not...
hasta la Vista, bah-bie 20th Mar 2008
We shall see what happens but I for one, who has been loyal to Apple for as long as I can remember, will not jump off the bandwagon just because of a little issue like this.

Of course not. You shouldn't dream of it. You are now part of the Jobs Borg. You have been absorbed.
0 Votes
+ -
c'mon wake up
Paul Fletcher 20th Mar 2008
It's nowhere near as bad as you make out. I am a Windows and Mac user (the Mac part out of inheritance). It is kind of poetic justice for Apple though - the last major update mucked up systems and now this minor update did it again.

Is Apple the new Britney Spears, once slick and sexy, now revealed to be just another OS with problems......?
0 Votes
+ -
From TUAW.com...
msalzberg 19th Mar 2008
"One emergent common thread for some of the problems is
the presence of a Rogue Amoeba audio utility"
0 Votes
+ -
Says a lot for OS X!!
NonZealot 19th Mar 2008
When an audio utility can cause printer drivers to fail, it really says a lot for the robustness of an OS! Yikes! Glad I didn't pay for the garbage that you guys have to apologize for! happy
0 Votes
+ -
Says very little about you
zkiwi 19th Mar 2008
You really never read the article or much of the posts did you.

Or does "some" now mean printer?
0 Votes
+ -
Says a lot about you.
msalzberg 19th Mar 2008
When someone posts something without any understanding
of the issues involved, it really says a lot for that person's
lack of shame. Yikes! Glad I don't pay to read the garbage
this guy leaves here!
0 Votes
+ -
Actually, it says a lot about "NonZealot"
the_doge 20th Mar 2008
Specifically, the fact that "NonZealot" is always the first with the most rabidly anti-Apple post, regardless of the actual content of the article to which he is referring, is surely one of the great examples of accidental irony in these fora.
0 Votes
+ -
Maybe he doesn't like fanboys
hasta la Vista, bah-bie 20th Mar 2008
Come to think of it, I don't either...

wink
0 Votes
+ -
NonZealot is stupid
bmerc 20th Mar 2008
Do you have that in common with him as well?
0 Votes
+ -
Are you guilty of something
hasta la Vista, bah-bie 21st Mar 2008
Do you have that in common with him as well?

Or are you in the habit of asking stupid questions as well...
0 Votes
+ -
If he didn't like fanboys....
themusicmanrk 20th Mar 2008
If he didn't like fanboys, he'd be using some obscure OS that
no one talks about like a DOS CLI happy.
0 Votes
+ -
Says a lot about you...
msalzberg 20th Mar 2008
If you dislike someone because of their enjoyment (however
irrational it may be) of a product, yet you like someone
because of their hatred (however irrational) of a product.

Glass is half-empty kinda guy, huh?
0 Votes
+ -
Says you
hasta la Vista, bah-bie 21st Mar 2008
It's not a matter of "like" or "dislike" of anybody specifically. I just don't happen to like fanboys, period. Regardless of OS.

~

If it sounds too good to be true, it probably is...
0 Votes
+ -
Sorry, did I bother you at recess?
msalzberg 21st Mar 2008
"Says you?"
0 Votes
+ -
Am I hearing an echo?
hasta la Vista, bah-bie 21st Mar 2008
Did you not understand what I just said? Is there a comprehension problem here?

Well just in case there is, here it is again for your viewing pleasure.

"It's not a matter of "like" or "dislike" of anybody specifically. I just don't happen to like fanboys, period. Regardless of OS."

I generally don't have to repeat myself, except to those who may be guilty of something.

A fan*** perhaps?

wink
0 Votes
+ -
RE: Security update breaks printer drivers, Instant Hijack component
tomlin21-24319035676893835085146735905770 11th Oct
Hi there, Exceptional career inside of the weblog blog, it appears stunning. I'm very likely to bookmark it and will be sure to take a look at nfljersey often

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix