http://news.com.com/Mac+OS+fix+fails+to+plug+security+hole/2100-1002_3-5220285.html?tag=nefd.top


"The company released the original patch Friday after news of the vulnerability appeared on the Internet.

The vulnerability actually involves two flaws. One allows a Web site to place a file on the Mac's hard drive when a user clicks on a uniform resource locator, or URL, specifically designed to bypass Mac OS X's security. The other gives an attacker the ability to run a file on another user's computer, provided the location of the file is known. Used together, the flaws constitute a major security hole that could result in a potential instant-messaging or e-mail virus.

Apple would not comment." (imagine that.)

OSX/XP Apple/Microsoft...they all suck :cool:

repost

apple already issued a fix

mod delete

it is flamebait
but the vulnerabilities still exist (or still did before today's update, cross your fingers)

OSX/XP Apple/Microsoft...they all suck :cool: *cough*LINUX ZEALOT*cough*

repost

apple already issued a fix

mod delete
If I remember, there are two parts of the flaw. Apple fixed one of them. Therefore a vulnerability still exists - this is what Apple wouldn't comment on.

Still, I expect if it wasn't fixed with 10.3.4 it will be fixed shortly before any damage is done. Oh, and it's nice to see Apple release last week's security fix for Jaguar users too.