Results 1 to 4 of 4
  1. #1


    Member Since
    Mar 30, 2004
    Location
    USA
    Posts
    4,744
    Specs:
    12" Apple PowerBook G4 (1.5GHz)
    Security Update 2006-001
    http://docs.info.apple.com/article.html?artnum=303382

    Among other things, it addresses weaknesses that were exploited by the recently reported malware.

    Safari, LaunchServices

    CVE-ID: CVE-2006-0394

    Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.5, Mac OS X Server v10.4.5

    Impact: Viewing a malicious web site may result in arbitrary code execution

    Description: It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. This update addresses the issue by performing additional download validation so that the user is warned (in Mac OS X v10.4.5) or the download is not automatically opened (in Mac OS X v10.3.9).
    iChat. A malicious application named Leap.A that attempts to propagate using iChat has been detected. With this update for Mac OS X v10.4.5 and Mac OS X Server v10.4.5, iChat now uses Download Validation to warn of unknown or unsafe file types during file transfers.
    (And a similar change to Mail.)

  2. #2

    fearlessfreap24's Avatar
    Member Since
    Feb 09, 2005
    Location
    Soon to be DFW
    Posts
    2,339
    Specs:
    MacBook Pro 13" | MacBook Pro 13" | Mac Mini 2GHz C2D
    thanks for the info Techno. i saw it on Software Update today. and i was wondering what it was for.

  3. #3

    yogi's Avatar
    Member Since
    Jan 14, 2005
    Location
    Zurich, Switzerland
    Posts
    2,078
    Specs:
    Mac Mini, iPad Air 2, iPhone 7+, Apple TV 4th Gen, Apple Watch (38mm Link Bracelet)
    Wow. Now compare Apple's response to Leap.A and Microsofts to W32.Blaster. Wonderful.
    If you liked this post, consider using the Reputation System by hitting the icon on the left.

  4. #4


    Member Since
    Jan 18, 2006
    Posts
    1,868
    Specs:
    G4 Cube
    Quote Originally Posted by yogi
    Wow. Now compare Apple's response to Leap.A and Microsofts to W32.Blaster. Wonderful.
    Yeah, no kidding. They dealt with the iMac Intel video problem pretty quickly, too. I think all of the *nix goodness is rubbing off on Apple...just look at how fast linux hackers respond to OS threats. Yet another reason I like Apple!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Issue After Downloading Security Update 2009-001
    By supr_bikr_99 in forum OS X - Operating System
    Replies: 3
    Last Post: 02-21-2009, 04:21 PM
  2. Security Update 2007-001
    By rollout in forum OS X - Operating System
    Replies: 5
    Last Post: 01-30-2007, 12:28 AM
  3. Security Update 2006-008
    By baggss in forum OS X - Operating System
    Replies: 7
    Last Post: 12-24-2006, 02:04 PM
  4. Security Update 2006-005
    By jon_p in forum OS X - Operating System
    Replies: 3
    Last Post: 09-22-2006, 02:20 PM
  5. Security Update 2006-001 disabled network
    By sdgelvin in forum OS X - Operating System
    Replies: 3
    Last Post: 03-03-2006, 03:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •