Remote Apple Events may break with Security Update 2015-002

AppleScriptEditorIconXRemote Apple Events allows you to use AppleScript routines to control another Mac; however, if you have installed the latest security updates for OS X, then you might find your scripts and any programs that use Remote Apple Events may not work, and give you an error. This may be especially true for communication between systems running OS X 10.8 and 10.9 Server, and OS X 10.10.

The communication for Remote Apple Events occurs through the “eppc” protocol, which you can use like a standard “ftp” or “http” protocol to address a target machine and send commands to it. If you use AppleScript regularly then you may be familiar with this, but a simple approach is the following:

  1. Turn on Remote Apple Events in the Sharing system preferences of one Mac
  2. Open the Script Editor on another Mac on the same network
  3. Type the following command, replacing COMPUTER-NAME with the bonjour name or local IP address of the target Mac:
tell application "Finder" of machine "eppc://COMPUTER-NAME” to activate

This routine should require you to authenticate, and then activate the Finder on the remote Mac for the account with which you authenticated. You can perform a similar routine and target your current Mac, by using “localhost” or the loopback IP address” as the computer name in the URL.

This approach has its uses, such as creating and running scripting routines on a main central Mac that you can have execute on any remote Mac that you target—an approach that may be particularly useful for server administrators. However, with the latest security updates, some systems may no longer accept communication by the eppc protocol, breaking this approach either in AppleScripts or in programs that use Remote Apple Events.

Recently MacIssues reader Matt S. wrote in about his ongoing inability to control various Macs using eppc, and in testing the above script for activating the Finder, found that the following conditions fairly consistently fail:

  • Either OS X 10.8 or 10.9 Server communicating to 10.6 through 10.9
  • OS X 10.10 Server communicating to 10.8 and 10.9

This suggests some detail implemented with the security update in OS X Server versions 10.8 and 10.9 is breaking this version’s ability to communicate with other Macs using eppc. Oddly, the reverse is true for OS X 10.10, where it will receive communication from these versions of OS X, but not be able to send communications to 10.8 or 10.9. Either way, the problem is linked to the latest security updates Apple has released.

The suspicion here is that with the release of Security Update 2015-002, Apple revoked the way OS X handles some network encryption routines in order to close a few security holes in OS X (including the FREAK vulnerability in the Secure Transport layer), and in doing so interrupted the system’s ability to use Remote Apple Events. Unfortunately, it is somewhat unclear how to overcome this problem, so if it is affecting you, then you have two options:

  1. Create a version of your scripts to only target the local machine, and then deploy them.
  2. Restore your Macs to a backup before having installed the security updates.

4 thoughts on “Remote Apple Events may break with Security Update 2015-002

  1. tingo

    Attempting to apply this Security Update 002 completely and utterly “destroyed” my Mavericks installation, even making the machine unable to boot up. Never in over 20 years of using Apple’s products had such a disaster ever happened. Better still, when I tried to recover the damn thing with Time Machine (first time I ever had to use Time Machine), it refused to accept the backups I’d so painstakingly been collecting (“an error has occurred”, not better specified). Reformatted the volume, and still it wouldn’t accept my Time Machine backups.

    I then got sick of the whole compulsive updatishness, and decided to reformat the whole disk, and reinstall Snow Leopard, which has never failed me and can perform everything I need it to, which is more than Mavericks had ever done. Guess what? The original installation DVD wouldn’t let me do it until I finally figured out that I had to boot up the machine in Firewire mode and physically erase the Restore partition that kept on insisting on telling me to apply a Time Machine backup… that wouldn’t work.

    Sounds bad? Well, yes, it was. Thank you, Apple, for wasting three days of my time. The day I can’t find the used hardware that runs Snow Leopard, I’ll run it from a Virtual Box installation on whatever machine will be on sale then.

  2. J Luther Barnhart

    Supposedly, this was fixed with Security update 2015-004. However, we’ve experienced that 2015-004 is what broke our eppc calls.


Leave a Reply to tingo Cancel reply