updated 05:00 pm EST, Mon March 21, 2005
Apple security update
Apple today released , which it says delivers a number of security enhancements, including an important update to its Safari web browser. Recommended for everyone, it includes updated components for AFP Server, Bluetooth Setup Assistant CoreFoundation, Cyrus SASL, Folder permissions, Safari, and Samba. Apple says that it updated a Folder Permissions security hole and its AFP file sharing protocol to prevent a denial of service attack and discovery of the contents of a file "Drop Box" (where others can upload, but not view/download data). Apple also fixed exploits related to Mac OS X 10.3 Server, including multiple vulnerabilities in Cyrus IMAP (email protocol) and Mailman (email list server). The update also brings improvements to Cyrus SASL and fixes an important Safari Web exploit that allowed maliciously registered International Domain Names to mask as legitimate sites.