OS X Security Patch Includes Browser FixBy Ryan Naraine | Posted 2005-03-22 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Apple releases a security update to correct "highly critical" vulnerabilities in its flagship operating system, some affecting Web browsers.Apple has rolled out a security update to correct nine potentially serious vulnerabilities in the Mac OS X operating system.
The update, which carries a "highly critical" rating from Secunia, comes with a modification to Apple Computer Inc.'s Safari browser to provide protection against an IDN (International Domain Names) URL-spoofing vulnerability.
The IDN bug allows maliciously registered international domains to make URLs visually appear as legitimate sites. The issue affects multiple Web browsers and workarounds from Mozilla and Opera have already been released.
Apple said the default list of allowed scripts does not include Roman look-alike scripts.
The company's monthly patch also corrects two vulnerabilities in the AFP (Apple Filing Protocol) Server.
The first was described as a denial-of-service issue which can be exploited to terminate the operation of the AFP Server due to an incorrect memory reference.
A separate patch fixes the checking of file permissions for access to Drop Boxes to protect against the contents being discovered by malicious attackers.
The update also resolves:
Check out eWEEK.com's for the latest news, reviews and analysis on Apple in the enterprise.