Editing the Custom Dictionary on Apple Mac Computers

If you’ve ever mistakenly added a word to you custom dictionary using right click and Learn Spelling for a misspelled or unknown word, you will want to correct this in your custom dictionary.

Follow these steps to update your custom dictionary.

  1. Open your user Library folder. To do this, hold down the Option key and then from the Go menu in the Finder choose Library.
  2. Open the Spelling folder.
  3. Open the Text Edit program found in your Applications.
  4. Click and drag the LocalDictionary file (found in the Spelling folder) to the Text Edit icon in your Dock. This will open the file in the editor.
  5. From the File menu, choose Duplicate to create a backup copy of the file. Give it a name like LocalDictionary Backup.
  6. Make the desired changes to the main file (not the backup file).
  7. If you’re on a newer Mac, the LocalDictionary file will update automatically.

NTFS for Mac – Read Windows Hard Drive in Hibernation Mode

If you are using an Apple computer and need to read hard drives formatted as NTFS for Windows computers you will want NTFS for Mac by Paragon. While it’s usually possible to read NTFS formatted drives on an Apple Mac computer, it’s not possible to write to such drives.

If you’re using the NTFS for Mac software, you may occasionally plug in an NTFS drive and see a Recovery or System Reserved partition show up on the desktop, but the main Windows OS hard drive will not show up.

This happens when the Windows computer was not shut down properly, but instead turned ‘off’ by going into hibernate mode.

If you go into the NTFS for Mac software you will see the OS drive listed in the left column. When you select the drive, and attempt to manually mount the drive, a message will indicate that the drive can’t be mounted because it was shut down in hibernate mode.

You will need to choose the “Mount in Read-only mode” option and then try mounting again. This will allow you to read the drive.

SOLVED: “Cannot connect to Adobe update server.”

If you are an Apple Mac computer user, and get a notification stating: “Cannot connect to Adobe update server” it is likely because you have an older version of Adobe Reader installed.

The message looks something like this:

If you install the latest Adobe Acrobat DC, it should fix this problem. You can find the latest version on Adobe’s website here:

https://get.adobe.com/reader/



Apple MacOS – How to Enable View Scroll Bars

In recent years, software, operating systems, and web interfaces have embraced a design trend where menus and controls are hidden unless you reveal them. When you move your mouse over just the right area of the screen, some controls, icons, or menu options will appear. You’ve likely seen this on your computer.

With Apple Mac computers, if you have a laptop or iMac with a trackpad connected the vertical and horizontal scroll bars will only appear if you move your fingers on the trackpad. If you’re not quick enough. The scroll bars disappear before you can click on them.

The default setting for showing scroll bars is set as: “Automatically based on mouse or trackpad.”

This is particularly a problem if you’re in a spreadsheet. With a mouse, you can move the scroll wheel on the mouse to reveal the vertical scroll bar. However, to move left and right within the spreadsheet, you’ll need to use a trackpad to reveal the horizontal scroll bar.

To have both the vertical and horizontal scroll bars visible all the time regardless of whether you use a mouse or trackpad, go to System Preferences > General and choose “Always” as shown below.

Avast AntiVirus for Mac Configuration for Apple Mail

If you’re using Avast AntiVirus for Mac and would like to use the Apple Mail program, you may notice a security certificate error when trying to access your email provider.

Avast has a 23 page document explaining how to correct this error.  The steps involve exporting a certificate from Avast and importing it into your mail client.

Alternative Option

If you don’t care about scanning inbound emails, you can enter your email server address as an exception and Avast won’t try to scan emails from that server. See the example below. To find this screen, open Avast, choose Preferences, then select settings for the Mail Shield. Press the + button to add your mail server.

STEP 1 – Open Avast

20170311sa1747-avast-mac-apple-mail-server-certificate-error-open-home

 STEP 2 – CHOOSE PREFERENCES

20170311sa1747-avast-mac-apple-mail-server-certificate-error-shields

STEP 3 – ADD YOUR EMAIL SERVER

Replace the example below with your own email host. Use POP or IMAP as needed.

20170311sa1747-avast-mac-apple-mail-server-certificate-error

Apple iCloud Sync Problems with Contacts and Calendar

You may occasionally experience synchronization issues with Apple iCloud, specifically with contacts or calendar entries.

Most of the time, when you add a contact or calendar event on your desktop or laptop computer, it will immediately and magically show up on all your other devices. However, sometimes it may be several minutes later and it doesn’t show up.

This can be a problem if you leave your home or office, thinking the recently added contacts will now be on your mobile device, but they aren’t.

This problem goes both ways. Sometimes items added to mobile devices don’t show up on their OS X equivalent apps.

So, here’s a trick that just might work:

  • On OS X, you can exit the Calendar or Contacts apps and start them again. This can help force a synchronization with iCloud.
  • On mobile devices, closing and re-opening apps may or may not work. You may need to add a new contact or event for the synchronization to be initiated.

Push technology is supposed to ensure that data synchronization and flow is forced to happen in real-time. However, it sometimes doesn’t work, so these tips can help in such situations.

These problems, and the solutions mentioned above, can actually happen on any synchronization platform (Windows, Android, Chrome OS, Linux, etc.) so it’s not necessarily an issue isolated to Apple.

For Google devices, a check-in can be established by sending an email or checking for new messages. This will initiate communications with their cloud services.

How to Adjust Brightness on Secondary Apple Mac Display

If you have an Apple Mac computer with a second Apple display attached, you can adjust the brightness using the following keyboard key combination on an Apple keyboard:

Hold the control key while pressing the brightness up or down keys (F1 / F2)

This only works with Apple displays and may not work on all Apple computers. This is typically an issue for people with MacBook laptop computers since the common configuration is to use the built-in display and also an external Apple display.

20160118mo0801-adjust-brightness-on-secondary-apple-mac-cinema-27-inch-display

Here’s Why Apple Makes the Best Windows Computer

Apple computers have the ability to run Windows, Linux, and Apple operating systems. Here are some reasons why purchasing an Apple laptop or desktop computer is a good decision for Windows users.

  1. Design. Apple computers are known for their beautiful design. This makes them pleasant to interact with.
  2. Displays. Apple has always had nice computer displays and the latest computers include Retina display technology in their laptop and high-end desktop computers. With ambient light sensors and keyboard controlled brightness, you can personalize the display making it very easy on your eyes.
  3. Keyboard. The Apple wireless or wired keyboards are excellent for those working long hours on the computer. The keys have short travel, and entry errors are almost non existent. Apple keyboards feature short-travel keys, which means your fingers don’t need to push the keys down as far, and you can type faster with less effort.
  4. Multiple Operating Systems. Using a product like VMWare Fusion, you can run multiple operating systems on an Apple computer. You can have Apple, Windows, and Linux. If you’re a computer and technical support professional, you’ll likely need to support Apple and Windows computers. With virtual computing, you could have Windows 7, Windows 8, and Windows 10 running at the same time.
  5. Portability. The newer MacBook computers are thiner and lighter than previous models. The new MacBook, MacBook Air, and MacBook Pro computers are very thin and light.
  6. Security. Although Apple computers aren’t entirely impervious to viruses, they are much more secure than Windows computers.
  7. Space Savings. Apple iMac computers are slim and accommodate an aluminum wireless keyboard that takes up very little desk space.
  8. Touch Pad. For those concerned about repetitive stress injuries, the Apple touchpad is essential. It’s highly accurate, easy to use, and with multiple gestures that require a very light touch.
  9. Voice Dictation. Apple uses the same Siri voice recognition technology in their desktop/laptop operating system as with the iPhone. It’s quite accurate in a quiet environment.

20150225we-apple-computer-renewable-energy-santa-monica

Multiple Security Vulnerabilities in Apple Mac OS X and Apple Safari

From: State of Iowa – Information Security Office

Date Issued:  May 5, 2015

Maximum Risk Rating/Severity:  High

Brief Summary: All Apple computers (prior to v10.10.3) are vulnerable to the 46 security exploits described below. Update to the latest version of Yosemite immediately.

Overview:

Multiple vulnerabilities have been discovered in Apple MAC OS X and Apple Safari. Mac OS X is an operating system for Apple computers. Apple Safari is a web browser available for Mac OS X and Microsoft Windows. These vulnerabilities can be exploited if a user visits or is redirected to a specially crafted webpage, or opens a specially crafted file, including an email attachment, using a vulnerable version of OS X.

Successful exploitation could result in an attacker gaining the same privileges as the logged on user, remote code execution within the context of the application, and bypass of security systems. Failed attacks may cause a Denial of Service condition within the targeted delivery method. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 

Affected Software:

Apple Mac OS X Yosemite prior to v10.10.3

Apple Mac OS X Mavericks v10.9.5

Apple Mac OS X Mountain Lion v10.8.5

Apple Safari v8.0.5, 7.1.5, and 6.2.5

Description:

Multiple remote code execution vulnerabilities have been discovered in Mac OS X that could allow remote code execution. These vulnerabilities can be exploited if a user visits or is redirected to a specially crafted webpage or opens a specially crafted file. Details of these vulnerabilities are as follows:

  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to privilege escalation due to an issue with checking XPC entitlements (CVE-2015-1130).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 have multiple vulnerabilities in Apache prior to versions 2.4.10 and 2.2.29 including one that may allow a remote attacker to execute arbitrary code (CVEs 2015-1066, 2013-5704, 2013-6438, 2014-0098, 2014-0117, 2014-0118, 2014-0226, and 2014-0231).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion 10.8.5, and OS X Mavericks v10.9.5 ATS (Apple Type Services) are prone to multiple input validation issues in fontd which may allow a local user to execute arbitrary code with system privileges (CVEs 2015-1131, 2015-1132, 2015-1133, 2015-1134, and 2015-1135).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a cross-domain cookie issue which may result in cookies belonging to one origin may be sent to another origin (CVE-2015-1089).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a cross-domain HTTP request issue which may result in authentication credentials being sent to a server on another origin (CVE-2015-1091).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an input validation issue which may result in the execution of arbitrary code by visiting a maliciously crafted website (CVE-2015-1088).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a use-after-free issue in CoreAnimation which may result in the execution of arbitrary code by visiting a maliciously crafted website (CVE-2015-1136).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to multiple memory corruption issues in the processing of font files, which may result in the execution of arbitrary code by processing a maliciously crafted font file (CVE-2015-1093).
  • Apple Mac OS X Yosemite prior to v10.10.2 and OS X Mavericks v10.9.5 are prone to an issue with NVIDIA graphics driver’s handling of certain IOService userclient types, which may allow a local user to execute arbitrary code with system privileges (CVE-20215-1137).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an input validation issue in the hypervisor framework which may allow a local application to cause a denial of service (CVE-2015-1138).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a memory corruption issue in the handling of .sgi files which may result in the execution of arbitrary code by processing a maliciously crafted .sgi file (CVE-2015-1139).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a memory corruption issue which may allow a malicious HID (Human Interface Device) to cause arbitrary code execution (CVE-2015-1095).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a buffer overflow issue which may allow a local user to execute arbitrary code with system privileges (CVE-2015-1140).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prune to a kernel memory content disclosure issue which may allow a local user to determine kernel memory layout (CVE-2015-1096).
  • Apple Mac OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5 are prone to a heap buffer overflow in the IOHIDFamily’s handling of key-mapping properties which may allow a malicious application to execute arbitrary code with system privileges (CVE-2014-4404).
  • Apple Mac OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5 are prone to a null pointer deference issue in the IOHIDFamily’s handling of key-mapping properties which may allow a malicious application to execute arbitrary code with system privileges (CVE-2014-4405).
  • Apple Mac OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5 are prone to an out-of-bounds issue in the IOHIDFamily driver which may allow a use to execute arbitrary code with system privileges (CVE-2014-4380).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an issue in the handling of virtual memory operations within the kernel which may allow a local user to cause unexpected system shutdown (CVE-2015-1141).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a race condition in the kernel’s setreuid system call which may allow a local user to cause a system denial of service (CVE-2015-1099).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to setreuid and setregid system calls not dropping privileges permanently which may allow a local application to escalate privileges (CVE-2015-1117).
  • Apple Mac OS X Yosemite prior to v10.10.2 ICMP redirects were enabled by default, which may allow an attacker with a privileged network position to redirect user traffic to arbitrary hosts (CVE-2015-1103).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an issue processing TCP headers which may allow an attacker with a privileged network position to cause a denial of service (CVE-2015-1102).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to an out of bounds memory access issue which may allow a local user to cause unexpected system termination or read kernel memory (CVE-2015-1100).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to improper treatment of some IPv6 packets which may allow a remote user to bypass network filters (CVE-2015-1104).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a memory corruption issue in the kernel which may allow a local user to execute arbitrary code with kernel privileges (CVE-2015-1101).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a state inconsistency issue in the handling of TCP out of band data which may allow a remote attacker to cause a denial of service (CVE-2015-1105).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an input validation issue in LaunchService’s handling of application localization data which may allow a local user to cause the Finder to crash (CVE-2015-1142).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a type confusion in LaunchService’s handling of localized strings which may allow a local user to execute arbitrary code with system privileges (CVE-2015-1143).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a memory corruption issue in the handling of configuration profiles which may allow the processing of a maliciously crafted configuration profile to cause unepxted application termination (CVE-2015-1118).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to weak key generation in ntpd when an authentication key is not configured which may allow a remote attacker to brute force ntpd authentication keys (CVE-2014-9298).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to multiple input validation issue in OpenLDAP which may allow a remote unauthenticated client to case a denial of service (CVEs 2015-1545 and 2015-1546).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to multiple vulnerabilities in OpenSSL 0.9.8zc, including one that may allow an attacker to intercept connections to a server that supports export-grade ciphers (CVEs 2014-3569, 2014-3570, 2014-3571, 2014-3572, 2014-8275, and 2015-0204).
  • Apple Mac OS X Yosemite prior to v10.10.2 and OSX Mavericks v10.9.5 are prone to an Open Directory Client issue which may allow an unencrypted password to be sent over the network when using Open Directory from OS X Server (CVE-2015-1147).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to multiple vulnerabilities in PHP, including one which may lead to arbitrary code execution (CVEs 2013-6712, 2014-0207, 2014-0237, 2014-0238, 2014-2497, 2014-3478, 2014-3479, 2014-3480, 2014-3487, 2014-3538, 2014-3587, 2014-3597, 2014-3668, 2014-3669, 2014-3670, 2014-3710, 20214-3981, 2014-4049, 2014-4670, 2014-4698, and 2014-5120).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a memory corruption issue in the handling of iWork files which may allow an opened, maliciously crafted iWork file to execute arbitrary code (CVE-2015-1098).
  • Apple Mac OS X Mountain Lion v10.8.5 is prone to a heap buffer overflow which may allow viewing a maliciously crafted Collada file to lead to arbitrary code execution (CVE-2014-8830).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to an issue that may allow a user’s password to be logged to a local file (CVE 2015-1148).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to an issue that may allow tampered applications to launch (CVEs 2015-1145 and 2015-1146).
  • Apple Mac OS X Yosemite prior to v10.10.2 is prone to a memory corruption issue in WebKit that may result in arbitrary code execution after visiting a maliciously crafted website (CVE-2015-1069).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to an issue in Safari that may allow users to be tracked by malicious websites using client certificates (CVE-2015-1129).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to an issue in Safari that may allow user’s browsing history in private browsing mode to be revealed (CVE-2015-1128).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to an issue in Safari that will cause the incomplete purging of a user’s browsing history (CVE-2015-1112).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to multiple memory corruption issues in WebKit that may result in unexpected application termination or arbitrary code execution after visiting a maliciously crafted website (CVEs 2015-1119, 2015-1120, 2015-1121,2015-1122, and 2015-1124).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a state management issue that may result in a user’s browsing history in private mode being indexed (CVE02015-1127).
  • Apple Mac OS X Yosemite prior to v10.10.2, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5 are prone to a an issue in WebKit’s credential handling for FTP URLs that may result in resources of another origin being accessed after visitng a maliciously crafted website (CVE-2015-1126).
  • Security Update 2015-004 (available for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5) also addresses an issue caused by the fix for CVE-2015-1067 in Security Update 2015-002. This issue prevented Remote Apple Events clients on any version from connecting to the Remote Apple Events server. In default configurations, Remote Apple Events is not enabled.

Successful exploitation could result in an attacker gaining the same privileges as the logged on user, remote code execution within the context of the application, and bypass of security systems. Failed attacks may cause a Denial of Service condition within the targeted delivery method. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Solution/Recommendations:

We recommend the following actions be taken:

  • Upgrade to Apple Mac OS X Yosemite 10.10.3 immediately after appropriate testing.
  • Apply appropriate updates provided by Apple to vulnerable systems immediately after appropriate testing.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  • Remind users not to download, accept, or execute files from un-trusted or unknown sources.
  • Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.

Apple References:

20140226we-apple-computer-security-500x500

Cisco AnyConnect Web Security Not Compatible with Avast Apple Mac

If you attempt to install Avast Antivirus on your Apple Mac computer, you may get the following error message:

Incompatible software detected. The Web Security module of Cisco has been detected, which is not compatible with Avast. To install the Avast product, please uninstall the incompatible module first.

When you click the Close button, the installation will immediately quit.

Follow these instructions to fix this problem:

  1. If you have a direct license with Cisco, you can visit the Cisco Software Download Page and download the AnyConnect Secure Mobility Client. Navigate to the AnyConnect Secure Mobility Client v3.x download page and look for the download called Standalone DMG package for Mac OS X “Intel” platforms.
  2. For many people, you will need to go to your organization or employer software download page and download the version provided.
  3. Follow the installation instructions, and remember not to select the Web Security module (see below). This will configure the software so that Avast can be installed.

These are the installation screens. Click any image for a larger gallery view.