OSX 10.3 [Panther] service announcement

May. 19th, 2004 01:25 am
jazzfish: an open bottle of ether, and George conked out (Ether George)
[personal profile] jazzfish
Doubtless those of you to whom this applies have seen it already, but just in case you haven't, there's a security hole in Panther that wants patching.

"It is possible to write a URL that, when invoked from one’s default browser, invokes Apple’s Help program, which is itself a mini-browser which uses a subset of HTML. The trouble is that unlike a well-written, full-fledged, OSX browser, the Help program is (a.) fully scriptable; and (b.) fully capable of running any application or command for which the user has privileges."
  • Current Mood: tired
Threaded | Flat

Date: 2004-05-18 10:39 pm (UTC)
From: [identity profile] skreidle.livejournal.com
Well, nothing was posted about it in [livejournal.com profile] macosx, so I passed it on. Eep!

Date: 2004-05-19 04:58 am (UTC)
From: [identity profile] mikailborg.livejournal.com
Until Apple patches this, Safari users can protect themselves with a menu selection and two clicks.

With Safari open and the foremost application, select "Preferences" from the "Safari" menu. Click the "General" icon, and make sure "Open 'safe' files after downloading" is unchecked. Boom, vulnerability gone.

Date: 2004-05-19 07:40 am (UTC)
From: (Anonymous)
Between this and the recent trojans it's encouraging to see that Macs have developed enough of a presence to warrant such attacks.

Jonathan

Date: 2004-05-19 12:04 pm (UTC)
From: [identity profile] laughin.livejournal.com
I am sure it will get fixed when the next wildlife feline version somes out. ;)
Threaded | Flat

Profile

jazzfish: Jazz Fish: beret, sunglasses, saxophone (Default)
Tucker McKinnon
Words are inadequate

Most Popular Tags

Adventures in Mamboland

"Jazz Fish, a saxophone playing wanderer, finds himself in Mamboland at a critical phase in his life." --Howie Green, on his book Jazz Fish Zen

Yeah. That sounds about right.

Expand Cut Tags

No cut tags