slight OT - SAFARI Vulnerability warning - A MUST FIX at DVinfo.net
Old May 19th, 2004, 07:14 AM   #1
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
slight OT - SAFARI Vulnerability warning - A MUST FIX

This page has a good link and good, simple information on this critical problem with Safari that everyone using it or Firefox needs to fix IMMEDIATELY.

http://mamamusings.net/archives/2004...ty_problem.php

I clicked "the scary but harmless example" and it scared the hell out of me.

All Mac users should follow this and pass it on to any and all friends, clients, co-workers.

Some people have found that this also affects the FIREFOX browser as well.

((PS: this is covered on a number of different websites so you can check the validity of this warning if you wish - www.macifxit.com is probably the most informed site around about any problem issues and they are covering it as well ))
Kevin Burnfield is offline   Reply With Quote
Old May 23rd, 2004, 09:23 PM   #2
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
Just so everyone knows, Apple has a fix for this and all you have to do is run Software Update to get it.


You might also want to check out Paranoid Android from Unsanity as well (since it's free and they know their stuff) but don't know if it's necessary.
Kevin Burnfield is offline   Reply With Quote
Old May 23rd, 2004, 09:26 PM   #3
Warden
 
Join Date: Mar 2002
Location: Clearwater, FL
Posts: 8,287
Thanks for the update Kevin.
__________________
Jeff Donald
Carpe Diem




Jeff Donald is offline   Reply With Quote
Old May 26th, 2004, 12:41 PM   #4
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
There are a lot of people saying a lot of different things as to whether the problems have been fixed or not, and most of the opinions are that it has not been fixed by the security update.

I would suggest people go to the MacFixIt link above and read there. They are recommending two options to protect your system, one of which is Unsanity's "Paranoid Android" program they wrote to specifically defend against it.

It's not worth losing your system over a couple of minutes to read and install a fix.
Kevin Burnfield is offline   Reply With Quote
Old May 26th, 2004, 02:58 PM   #5
Warden
 
Join Date: Mar 2002
Location: Clearwater, FL
Posts: 8,287
I use Little Snitch, which, while not free, does much more than the freeware Paranoid Android.
__________________
Jeff Donald
Carpe Diem




Jeff Donald is offline   Reply With Quote
Old May 26th, 2004, 03:00 PM   #6
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
I bought Little Snitch too but it does nothing against these exploits. LS is great, it keeps any and all programs or applications from communicating out from your computer without your permission.

These exploits are somehow coming in through browsers and kicking off help scripts and things like that.

These fixes are to prevent these webpages / codes from kicking off the command to erase your HD or things like that, it's not trying to communicate out.
Kevin Burnfield is offline   Reply With Quote
Old May 26th, 2004, 03:59 PM   #7
Warden
 
Join Date: Mar 2002
Location: Clearwater, FL
Posts: 8,287
They have to dial out to the URL in order to run the script, is my understanding. Little Snitch can block them from dialing out. A Firewall can prevent incoming commands, etc.
__________________
Jeff Donald
Carpe Diem




Jeff Donald is offline   Reply With Quote
Old May 26th, 2004, 07:20 PM   #8
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
I need to look at it again but my understanding of the first couple of exploits was that they were triggered by a webpage loading code in a browser which initiated a script which used the HELP system to launch a script which does something... and usually something nasty.

When this first was announced the page I linked to above had "the scary but harmless example" of this exploit, and when I tried it I had Little Snitch active at the time and it still launched Help and ran a script which only produced a list of files on my hard drive.

Is this a new exploit?
Kevin Burnfield is offline   Reply With Quote
Old May 26th, 2004, 07:40 PM   #9
Warden
 
Join Date: Mar 2002
Location: Clearwater, FL
Posts: 8,287
I think we have Little Snitch configured differently. I just did the same test and all it could do was launch. However, I also installed OS 10.3.4 tonight and maybe it's stopping the executable.
__________________
Jeff Donald
Carpe Diem




Jeff Donald is offline   Reply With Quote
Old May 26th, 2004, 08:37 PM   #10
Major Player
 
Join Date: Dec 2002
Location: Princeton, NJ
Posts: 363
I haven't had a chance to read what all 10.3.4 does but it might fix it.

I'll look around tomorrow and see what info I can find.
Kevin Burnfield is offline   Reply
All times are GMT -6.