Tuesday, March 07, 2006

Safari's Hole Patched

Apple has responded to the security hole in Safari reported a few weeks ago by releasing a security update, formally Security Update 2006-001 Mac OS X 10.4.5 (PPC).

Problem solved

After updating the system, I found that the aforementioned vulnerability in Safari is gone. Now the download manager is able to decipher the altered script files and warn that the package may contain an application. Since you know you are downloading a media file, this warning is enough to raise your alert that something fishy is going on.

The turnaround time of the fix is fast enough, which is a good sign that Apple is taking Mac security seriously. If your system has not been patched, you can download and install the update using the Mac's built-in Software Update, or get it from this link.

What about Panther

Fear not, Panther users, for you are not neglected. Apple has also addressed this problem in Panther by releasing a 10.3.9 security update, which can be downloaded here: http://docs.info.apple.com/article.html?artnum=303382.

Yet another Mac tips is on the web!