reese

http://blogs.zdnet.com/Apple/index.php?p=103

Quote:

Heise online is reporting that a new critical vulnerability for Mac OS X has been discovered and it appears to have ramifications beyond the Safari brows. The problem is severe because a user simply needs to visit a malicious website and shell scripts with launch with zero user interaction!

Wonder what all the apple people will say about this one...

Here is the temporary work-around:
The best immediate recourse against such an attack is to deactivate the option "Open 'safe' files after downloading" in the "General" section of Safari's preferences. Alternative web browsers such as Camino or Firefox do not support the automatic execution of files. These browsers can be prompted to automatically download a file by using the refresh command in the HTML source code of a web page. However, the file will not be executed. Since the Finder selects the icon for a file based on its extension, users are advised to verify that the OS is using the proper file type. This can be done through the information window or in column view.

Axim_X50_owner

Alright a simple step: Throw saffari in the recycle bin and use mozzila. Also if you are trying to make mac look bad, I can post windows explot's but there are so many they would proubly crash the server......
-Justin

Tblove

Looks like reese was just posting some useful info to me,not bash anything.

coolbre304

I don't think he intended to make the Mac look "bad" and I agree, there are THOUSANDS more holes in windows than in OS X but, just a little tip for those who didn't know im sure.

__________________
BM

"If the automobile had followed the same development cycle as the computer, a Rolls-Royce would today cost $100, get one million miles to the gallon, and explode once a year, killing everyone inside." Robert X Cringely

Addition who needs that kind of stuff any way huh?

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


Who cares if I'm only 16?
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Howard2k

It requires certain settings to be enabled (and I think they are by default).

There is a setting in Safari that will allow it to automatically open known files.

I *think* the same exploit applies to Windows doesn't it? If a user clicks on a link to a word document and the word document contains a macro virus then they're infected right?


Either way - good computing practices provide a lot of protection. OS X makes it plain sailing to do all of your day to day activities outside of an admin account so there is some "sand boxing" against these social engineering type attacks.

__________________
Always read stuff that will make you look good if you die in the middle of it.