Apple releases new security update
It's the fix for the Help Viewer issue. Now in Software Update!
Weighing in at 712k, not too shabby... here is the description:
Security Update 2004-05-24 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:
HelpViewer
and it does NOT require a restart
http://homepage.mac.com/psantora/.Public/SU524.png
curiousuburb
2004-05-21, 19:01
patches are good.
don't know if it also addresses the Safari (webcore) side of the exploit,
but an official response is welcome
Is this not two updates in the past few weeks? Just what operating system am I running here? :eek:
LudwigVan
2004-05-21, 22:29
Is this not two updates in the past few weeks? Just what operating system am I running here? :eek:
I doubt the sky is falling quite yet.
By the way, I read at the MacRumors forum that there is some kind of Terminal fix in this update for 10.2 users.
Is this not two updates in the past few weeks? Just what operating system am I running here? :eek:
At least they addressed it quickly, and didn't take weeks or months.
torifile
2004-05-21, 22:52
At least they addressed it quickly, and didn't take weeks or months.
AFAIK, the vulnerability was reported to them a while ago. It only became public recently but they did know about it for a while.
It was reported to them on the 23rd of February. Now we have 24th of May. That's not quick. But they had to do something after it became public, didn't they?
If anyone wants to test it again, here's the original proof of concept: http://www.insecure.ws/article.php?story=2004051612423136
Here's what I get in OmniWeb:
http://img19.imageshack.us/img19/8388/muahaha.png
It says: "Attention: The following DiskImages couldn't be activated, Reason: No such file or folder."
:)
WARNING: Apple's fix DOES NOT address the serious security flaw in Safari that is described by Unsanity. (http://www.unsanity.com/haxies/pa/whitepaper) I just installed the patch last night and it does nothing to stop the behavior noted above. There have been some people online who think it does more than fix the Help Viewer thing; it doesn't AFAICT.
Even if the "Open Safe Files" is turned off in Safari (which mine always is), disk images can be mounted on your machine and launch code without you ever doing anything to specifically enable that behavior (such as downloading a suspicious file). This is some scary poop.