toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Apple fixes holes in Safari, Bluetooth, file sharing

updated 05:00 pm EST, Mon March 21, 2005

Apple security update

Apple today released , which it says delivers a number of security enhancements, including an important update to its Safari web browser. Recommended for everyone, it includes updated components for AFP Server, Bluetooth Setup Assistant CoreFoundation, Cyrus SASL, Folder permissions, Safari, and Samba. Apple says that it updated a Folder Permissions security hole and its AFP file sharing protocol to prevent a denial of service attack and discovery of the contents of a file "Drop Box" (where others can upload, but not view/download data). Apple also fixed exploits related to Mac OS X 10.3 Server, including multiple vulnerabilities in Cyrus IMAP (email protocol) and Mailman (email list server). The update also brings improvements to Cyrus SASL and fixes an important Safari Web exploit that allowed maliciously registered International Domain Names to mask as legitimate sites.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Ralf_Wiggum

    Joined: Dec 1969

    0

    Major Safari Fix Included

    None of the usual Mac news sites have pointed out that this security update has a major fix for Safari.

    Security Update 2005-003 updates Safari's support for International Domain Names (IDN) to prevent lookalike characters from being used to spoof the URL displayed in the address field, SSL certificate, or status bar.

    For more information about IDN support in Safari and how Security Update 2005-003 affects it, see:

    http://docs.info.apple.com/article.html?artnum=301116

  1. resuna

    Joined: Dec 1969

    0

    Not a security fix

    IDN support can't be used to break the security on your computer. It just makes certain kinds of "phishing" attacks (where someone fakes a company's website) easier, but it's still possible... being aware that people fake financial web sites and always logging on through your own bookmarks is the real protection against phishing.

  1. THE MAC GOD

    Joined: Dec 1969

    0

    Breaks user

    Ok. Yesterday, at work, we installed this update on three Macs. After restarting, 2 of the 3 Macs had severe problems at startup that fail to resolve. It immediately beachballs at login to that user (of which the security update was installed). Finder, Photoshop, Quark (not out of the ordinary), and any other programs all "are not responding" from the dock's submenu and have to be force quit. However, going into another user, things appear to work fine... but we do not want to have to do this because all the fonts (checked install for all users, but that never works anyway in Font Book) wont carry over, not to mention having to reset all preferences. Any suggestions? Any way to roll back?

  1. fritzw1957

    Joined: Dec 1969

    0

    Why can't they...?

    Why can't the updater turn back on a service after it does it's update? I had Windows File Sharing turned on in several of my Macs only to find out that this last update turned it off... I know it's necessary to do that to do the update, but why can't it be re-engaged when the updater is ready to quit?

  1. slipperfrog

    Joined: Dec 1969

    0

    Ethernet port disappears?

    I can no longer configure my iBook's ethernet port (en0) after the update. I don't know if it's the update's fault though because it didn't happen until the next day. So it could be an actual physical problem.

    Has anyone else encountered this?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented