Member
|
It's the fix for the Help Viewer issue. Now in Software Update!
|
quote |
Veteran Member
Join Date: May 2004
Location: New York City
|
weighing in at 712k, not to shabby... here is the description:
Quote:
|
|
quote |
Antimatter Man
Join Date: May 2004
Location: that interweb thing
|
patches are good.
don't know if it also addresses the Safari (webcore) side of the exploit, but an official response is welcome |
quote |
Veteran Member
Join Date: May 2004
Location: Ottawa, ON
|
Is this not two updates in the past few weeks? Just what operating system am I running here?
|
quote |
Veteran Member
Join Date: May 2004
Location: Minnesota
|
Quote:
By the way, I read at the MacRumors forum that there is some kind of Terminal fix in this update for 10.2 users. |
|
quote |
Veteran Member
Join Date: May 2004
Location: Promise Land of Trustafarians
|
Quote:
At least they addressed it quickly, and didn't take weeks or months. |
|
quote |
Less than Stellar Member
|
Quote:
|
|
quote |
Member
|
It was reported to them on the 23rd of February. Now we have 24th of May. That's not quick. But they had to do something after it became public, didn't they?
If anyone wants to test it again, here's the original proof of concept: http://www.insecure.ws/article.php?s...04051612423136 Here's what I get in OmniWeb: It says: "Attention: The following DiskImages couldn't be activated, Reason: No such file or folder." |
quote |
Hates the Infotainment
Join Date: May 2004
Location: NSA Archives
|
WARNING: Apple's fix DOES NOT address the serious security flaw in Safari that is described by Unsanity. I just installed the patch last night and it does nothing to stop the behavior noted above. There have been some people online who think it does more than fix the Help Viewer thing; it doesn't AFAICT.
Even if the "Open Safe Files" is turned off in Safari (which mine always is), disk images can be mounted on your machine and launch code without you ever doing anything to specifically enable that behavior (such as downloading a suspicious file). This is some scary poop. ...into the light of a dark black night. |
quote |
Posting Rules | Navigation |
|
Thread Tools | |