OS X Security Patch Includes Browser Fix
By Ryan Naraine | Posted 2005-03-22

Apple releases a security update to correct "highly critical" vulnerabilities in its flagship operating system, some affecting Web browsers.
Apple has rolled out a security update to correct nine potentially serious vulnerabilities in the Mac OS X operating system.The update, which carries a "highly critical" rating from Secunia, comes with a modification to Apple Computer Inc.'s Safari browser to provide protection against an IDN (International Domain Names) URL-spoofing vulnerability.
The IDN bug allows maliciously registered international domains to make URLs visually appear as legitimate sites. The issue affects multiple Web browsers and workarounds from Mozilla and Opera have already been released.
Apple said the default list of allowed scripts does not include Roman look-alike scripts.
To read more about the upcoming release of Mac OS X 10.4, code-named Tiger, click here.
The company's monthly patch also corrects two vulnerabilities in the AFP (Apple Filing Protocol) Server.
The first was described as a denial-of-service issue which can be exploited to terminate the operation of the AFP Server due to an incorrect memory reference.
A separate patch fixes the checking of file permissions for access to Drop Boxes to protect against the contents being discovered by malicious attackers.
Why is Mac OS X in increasing danger from hackers, according to Symantec? Click here to read more.
The update also resolves:
Apple has posted download locations (Client and Server) on its support Web site.
Check out eWEEK.com's for the latest news, reviews and analysis on Apple in the enterprise.
What Partners Need to Know About HP, ...
In the channel, HP, Inc. is a storied vendor that has relationships...Watch Now