Apple Software Update

"Software Update" redirects here. For software updates in general, see Patch (computing).

Apple Software Update

Software Update in OS X Lion
Developer(s)	Apple Inc.
Operating system	Mac OS 9 OS X Windows
Type	System Utility
License	Proprietary
Website	www.apple.com/softwareupdate

Software Update is a software tool by Apple Inc. that installs the latest version of Apple software on computers running OS X. It was originally introduced to Mac users in Mac OS 9. A Windows version has been available since the introduction of iTunes 7, under the name Apple Software Update. Software Update automatically informs users of new updates.

The program is part of the CoreServices in OS X, found at /System/Library/CoreServices/Software Update.app, or by choosing Software Update from the Apple menu. Software Update can be set to check for updates daily, weekly, monthly, or not at all; in addition, it can download and store the associated .pkg file (the same type used by Installer) to be installed at a later date and maintains a history of installed updates.

Software Updates consist of incremental updates of the Mac OS and its applications, Security Updates, device drivers and firmware updates. All software updates require the user to enter their administrative password, as with all consequential system changes. Some updates require a system restart. Starting with OS X 10.5, updates that require a reboot log out the user prior to installation and automatically restart the computer when complete; in earlier versions, the updates are installed, but critical files are not replaced until the next system startup.

As of OS X Mountain Lion, Software Update has been unified into Mac App Store.

1 Command line
2 Criticism
3 References
4 External links

Command line [edit]

All of Software Update's features are available through the command-line program softwareupdate. The command to update everything from a terminal command line is "sudo softwareupdate -i -a".

The command line usage for softwareupdate in OS X 10.6 is as follows (this is a result of "sudo softwareupdate -h"):

usage: softwareupdate <mode> [<args> ...]

        -l | --list             List all appropriate updates
        -d | --download         Download Only
        -i | --install          Install
                <label> ...       specific updates
                -a | --all              all appropriate updates
                -r | --recommended      only recommended updates

        Per-user preferences:
        --ignore <label> ...      Ignore specific updates
        --reset-ignored         Clear all ignored updates
        --schedule (on | off)   Set automatic checking

        -v | --verbose  Enable verbose output
        -h | --help     Print this help

Using this tool, it is fairly straightforward for administrators to automatically install incoming updates by adding a cron job, or using the new launchd scheduling system, the latter is recommended (don't forget the "sudo" if run from a terminal command line):

softwareupdate --install --all

or to be more cautious, just

softwareupdate --install --recommended

It is prudent to set the job to run only every few days to allow for time to jump in with an --ignore if a particular update is reported to have issues by early adopters. If running as a cron job, it is also a good idea to avoid running the update while a user is logged in, especially since some updates require reboot to take effect. (softwareupdate does not reboot automatically, it merely displays a warning on its standard output if a reboot is necessary.) Remote administrators may also be interested in also using the cURL and installer command line utilities to set up their own software update system.

Criticism [edit]

Apple Software Update under Wireshark

Software Update uses predictable TCP sequence numbers and plain text HTTP. Neither the command line nor GUI tools allow the user to use unpredictable sequence numbers or HTTPS. Mac OS X 10.8 uses HTTPS by default and allows a user to downgrade to HTTP, but still uses predictable sequence numbers.^[1]

Apple's Software Update download server allows weak and wounded ciphers, and the server does not support secure renegotiation. Performing test connections using openssl s_client showed the server would agree to RC4-MD5. In fact, ARC4-MD5 was the server's preferred cipher. While confidentiality is not an issue (everyone gets the same update), authenticity is an issue and user must have assurances that they are communicating with the expected server and the communications are not tampered (MD5 is considered insecure by the cryptographic community, and should not be used).^[2]

In March 2008, Apple began offering its web browser, Safari, through Apple Software Update for Windows. The Safari download was selected by default for installation by Apple Software Update.^[3] After significant criticism from the IT community, Apple changed its policy and Safari was no longer selected by default for download.^[4] Apple Software Update for Windows now offers new software and an optional download, in addition to updates for already-installed software.

References [edit]

^ OS X: Updating OS X and Mac App Store apps, September 19, 2012, retrieved September 23, 2012
^ [Bruce] (August 19, 2004), Cryptanalysis of MD5 and SHA: Time for a New Standard, retrieved September 23, 2012
^ "Apple pushes Safari on Windows via iTunes updater". CNET. Retrieved 2009-10-23.
^ "Apple updates Software Update for Windows, Safari optional". Ars Technica. Archived from the original on 12 October 2009. Retrieved 2009-10-23.

External links [edit]

Using Software Update for Windows to keep your Apple software up-to-date

OS X

Versions

Applications

Automator Calculator Calendar Chess Contacts Dashboard Dictionary DVD Player FaceTime Finder Grapher iTunes (version history) Mac App Store Mail Messages Notes Notification Center Photo Booth Preview QuickTime Reminders Safari (version history) Stickies TextEdit

Discontinued	Front Row iChat iSync Sherlock

Utilities

Activity Monitor AirPort Utility Archive Utility Audio MIDI Setup Bluetooth File Exchange ColorSync Console Crash Reporter DigitalColor Meter Directory Utility DiskImageMounter Disk Utility Font Book Grab Help Viewer Image Capture Installer Keychain Access Migration Assistant Network Utility ODBC Administrator Remote Install Mac OS X Screen Sharing Software Update System Preferences System Information Terminal Universal Access VoiceOver

Discontinued	X11.app

Technology and user interface

AirDrop Command key Option key Apple menu Apple Push Notification Service AppleScript Aqua Audio Units Bonjour Boot Camp BootX Brushed metal Carbon Cocoa ColorSync Core Animation Core Audio Core Data Core Foundation Core Image Core OpenGL Core Text Core Video CUPS Cover Flow Darwin Dock FileVault Gatekeeper Grand Central Dispatch icns Inkwell I/O Kit Kernel panic Keychain launchd Launchpad Mach-O MacRuby Menu extra Mission Control OpenCL Preference Pane Property list Quartz QuickTime Quick Look Smart Folders Spaces Speakable items Spotlight Stacks Time Machine Uniform Type Identifier Universal binary WebKit Xgrid XNU

Discontinued	Classic Environment Rosetta

v t e Mac OS

Applications	Calculator Chooser Drive Setup DVD Player Finder Graphing Calculator Keychain Access PictureViewer PowerTalk QuickTime Player Network Browser Scrapbook Sherlock Software Update Stickies Apple System Profiler SimpleText

Developer	MacsBug Macintosh Programmer's Workshop ResEdit

Technology	Alias Apple menu Balloon help Bomb Error Command (⌘) Control Panel Control Strip Creator code Hierarchical File System HFS Plus Keychain Labels Macintosh File System Option (⌥) OSType PICT QuickDraw QuickTime Resource fork Special menu Startup Screen System Folder System suitcase Type code WorldScript

Related articles	Manager Toolbox Memory Management Old World ROM New World ROM EFI

v t e Apple Inc. software on Windows platforms

Software	AirPort Utility Bonjour Boot Camp iCloud iTunes QuickTime Software Update

Discontinued	AppleWorks (Still avaliable) MobileMe Safari (Still avaliable)

Contents

Command line [edit]

Criticism [edit]

References [edit]

External links [edit]