MacNewsWorld Talkback

Re: OS X Security Hole Bites Apple
Posted by: Blane Warrene 2004-05-25 05:53:09

See Full Story

Danish security firm Secunia released a new advisory Saturday stating that the security update Apple released Friday to combat the security vulnerabilities that could result from Uniform Resource Identifier (URI) flaws found in at least two Mac-compatible browsers have not succeeded in completely patching the problem. An Apple spokesperson told MacNewsWorld on Monday that the company could not comment any further about either these flaws or the company's inability to rectify them through last Friday's update. Apple also labeled this Mac OS X vulnerability in its Help Viewer application "theoretical" in nature.

Re: OS X Security Hole Bites Apple
Posted by: Hugin777 2004-05-25 06:07:46 In reply to: Blane Warrene

Please note that just installing version 1.0 or 1.1 of the Paranoid Android is not enough to "surf safely". But it sure is better than nothing ! Thanks to Unsanity for providing this free tool until Apple fixes the last issues.
:
Also, I would recommend disabling _at_least_ AFP also.
:
See my exploit test page for further info:
http://ozwix.dk/OpnAppFixer/testit.html
:
NB: Apples fix for the HelpViewer vulnerability is a really nice fix; it even logs attempts to get in. It's a shame they didn't know about these other vulnerabilities...

Re: OS X Security Hole Bites Apple
Posted by: Hugin777 2004-05-25 15:33:42 In reply to: Hugin777

The Paranoid Android has been updated to version 1.2. You can now surf safely by just installing this :-)

Re: OS X Security Hole Bites Apple
Posted by: bwarrene 2004-05-26 15:50:24 In reply to: Hugin777

Thanks for the head up Hugin777!