A giant security bug flew in and took a bite out of Apple Fan-boys cloak of invincibility overnight. Yes I know it’s not the end of the world, yes I know most people won’t be at risk and no I don’t hate Mac’s I’m typing on one right now. I just like to tease you guys about being fan-boys. FWIW, if any of the above words caused you to stutter, stop and or mutter at your computer you are a “fan” for sure. Now back to the business at hand as this is nothing a security update won’t fix. (it’s up on the top left under the Apple icon for those that don’t know where to find it)
So what is the vulnerability?
Summary:
This document describes Security Update 2010-006, which can be downloaded and installed via Software Updatepreferences, or from Apple Downloads.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.”
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see “Apple Security Updates“.
Security Update 2010-006
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: A remote attacker may access AFP shared folders without a valid password
Description: An error handling issue exists in AFP Server. A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders. By default, File Sharing is not enabled. This issue does not affect systems prior to Mac OS X v10.6.
via|the inq
Back Home
1 Comment at "Apple Security Fix Online Now"
Hey, keep in mind that some of us are fan-GIRLS!
Comment Now!