MacUpdate Weekend Sale :This weekend MacUpdate has slashed prices on Painter 12 and Painter Lite. Painter 12 retails for $429, but has been reduced by 54% to $199. Painter Lite has seen a 58% price cut from $69 to $29. Hurry, because these deals are only available until May 19th 2013.      
toggle

AAPL Stock: 433.26 ( -1.32 )

http://www.macnn.com/articles/05/03/21/apple.security.update/

Apple fixes holes in Safari, Bluetooth, file sharing

updated 05:00 pm EST, Mon March 21, 2005

 

Apple security update


Apple today released , which it says delivers a number of security enhancements, including an important update to its Safari web browser. Recommended for everyone, it includes updated components for AFP Server, Bluetooth Setup Assistant CoreFoundation, Cyrus SASL, Folder permissions, Safari, and Samba. Apple says that it updated a Folder Permissions security hole and its AFP file sharing protocol to prevent a denial of service attack and discovery of the contents of a file "Drop Box" (where others can upload, but not view/download data). Apple also fixed exploits related to Mac OS X 10.3 Server, including multiple vulnerabilities in Cyrus IMAP (email protocol) and Mailman (email list server). The update also brings improvements to Cyrus SASL and fixes an important Safari Web exploit that allowed maliciously registered International Domain Names to mask as legitimate sites.


by MacNN Staff

Post tools:

TAGS :

 software
toggle

Comments

  1. Ralf_Wiggum

    Fresh-Faced Recruit

    Joined: May 2002

    0

    Major Safari Fix Included

    None of the usual Mac news sites have pointed out that this security update has a major fix for Safari.

    Security Update 2005-003 updates Safari's support for International Domain Names (IDN) to prevent lookalike characters from being used to spoof the URL displayed in the address field, SSL certificate, or status bar.

    For more information about IDN support in Safari and how Security Update 2005-003 affects it, see:

    http://docs.info.apple.com/article.html?artnum=301116

  1. resuna

    Fresh-Faced Recruit

    Joined: Jan 2005

    0

    Not a security fix

    IDN support can't be used to break the security on your computer. It just makes certain kinds of "phishing" attacks (where someone fakes a company's website) easier, but it's still possible... being aware that people fake financial web sites and always logging on through your own bookmarks is the real protection against phishing.

  1. THE MAC GOD

    Mac Enthusiast

    Joined: Jan 2003

    0

    Breaks user

    Ok. Yesterday, at work, we installed this update on three Macs. After restarting, 2 of the 3 Macs had severe problems at startup that fail to resolve. It immediately beachballs at login to that user (of which the security update was installed). Finder, Photoshop, Quark (not out of the ordinary), and any other programs all "are not responding" from the dock's submenu and have to be force quit. However, going into another user, things appear to work fine... but we do not want to have to do this because all the fonts (checked install for all users, but that never works anyway in Font Book) wont carry over, not to mention having to reset all preferences. Any suggestions? Any way to roll back?

  1. fritzw1957

    Fresh-Faced Recruit

    Joined: Nov 2004

    0

    Why can't they...?

    Why can't the updater turn back on a service after it does it's update? I had Windows File Sharing turned on in several of my Macs only to find out that this last update turned it off... I know it's necessary to do that to do the update, but why can't it be re-engaged when the updater is ready to quit?

  1. slipperfrog

    Fresh-Faced Recruit

    Joined: Nov 2002

    0

    Ethernet port disappears?

    I can no longer configure my iBook's ethernet port (en0) after the update. I don't know if it's the update's fault though because it didn't happen until the next day. So it could be an actual physical problem.

    Has anyone else encountered this?

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

Samsung Galaxy S 4

Samsung's new flagship Android smartphone, the Galaxy S 4, faces even stiffer competition than its popular predecessor. With a five-in ...

toggle

Most Commented