03-01-2006, 09:12 PM

http://docs.info.apple.com/article.html?artnum=303382

Among other things, it addresses weaknesses that were exploited by the recently reported malware.

Quote:

Safari, LaunchServices

CVE-ID: CVE-2006-0394

Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.5, Mac OS X Server v10.4.5

Impact: Viewing a malicious web site may result in arbitrary code execution

Description: It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. This update addresses the issue by performing additional download validation so that the user is warned (in Mac OS X v10.4.5) or the download is not automatically opened (in Mac OS X v10.3.9).

Quote:

iChat. A malicious application named Leap.A that attempts to propagate using iChat has been detected. With this update for Mac OS X v10.4.5 and Mac OS X Server v10.4.5, iChat now uses Download Validation to warn of unknown or unsafe file types during file transfers.

(And a similar change to Mail.)

03-01-2006, 11:45 PM

thanks for the info Techno. i saw it on Software Update today. and i was wondering what it was for.

03-02-2006, 09:54 AM

Wow. Now compare Apple's response to Leap.A and Microsofts to W32.Blaster. Wonderful.

03-02-2006, 10:41 AM

Quote:

Originally Posted by yogi

Wow. Now compare Apple's response to Leap.A and Microsofts to W32.Blaster. Wonderful.

Yeah, no kidding. They dealt with the iMac Intel video problem pretty quickly, too. I think all of the *nix goodness is rubbing off on Apple...just look at how fast linux hackers respond to OS threats. Yet another reason I like Apple!