View this article at: http://www.macnn.com/articles/04/05/21/another.uri.exploit/
Friday, May 21, 2004 11:40pm
Another URI exploit in Mac OS X?
A MacNN reader points to yet another URI exploit in Mac OS X, not fixed in the recent Apple Security Update, that allows malicious users to embed links that can launch the Terminal application and potentially delete files: "In addition to the 'disk:', 'disks:', and 'help:' URI protocols mentioned yesterday, you should also turn off the 'telnet:' protocol. By default, it’s assigned to Terminal; I recommend using RCDefaultApp to set it to 'disabled'."

Update: Unsanity describes yet another exploit method in a new white paper on not-yet-fixed security issues and offers an update to the freeware Paranoid Android 1.1 to protect Mac OS X until an official fix is available from Apple.