As always, there is more to the story than meets the eye.
---------------------------------------------------------------------- Would you care to view the ruins of my good intentions? ---------------------------------------------------------------------- On May 24, 2004, at 1:47 PM, KR'sListMail wrote: > Yoo Hoo, > New Article about the Security Patch - see below: > Hmmm . I guess I could just rename my Mac HD: "MS.Net" > and be safe. ;-D > (That is a joke for those that get it) > smile > Yours, Kay > > ...................... > Secunia: Mac OS X Users Still At Risk May 24, 2004 > stuff cut out > The firm is advising Mac OS X users to uncheck the "open safe files > after downloading" option and add a protocol helper application for > disk and disks. It's best that Apple users don't visit untrusted Web > sites or surf the Internet as privileged users, Secunia says. > > More information about the flaw and safety tips are available in > Secunia's advisory. > Apple released the update and it was immediately examined by many to see if it fixed the issue. It did, but a new one emerged. Here's the thing (I am going to capitalize the next sentence for stressing the point). THERE ARE NO PLACES ON THE INTERNET THAT ARE TAKING ADVANTAGE OF THIS EXPLOIT YET. The new exploit only exists so far as a proof of concept and most likely will be closed very soon by Apple. Right after the new exploit was found, (almost within an hour) a new patch was issued by a third party vendor UnSanity (the same group that issued the Paranoid Android patch I wrote about before). The patch has been available via VersionTracker or via UnSanity's web-site since Friday. http://www.versiontracker.com/dyn/moreinfo/macosx/23463 If you surf recklessly, this WOULD help until Apple releases a fix, if there was an actual problem, but again I leave you with this: Actual Windows viruses, worms, trojan horses, etc found out in the wild: 70,000+ Actual Mac OS-X viruses, worms, trojan horses, etc found out in the wild: 0 Jerry ----------------------------------- Someday, I will come up with a clever signature line. I am not sure if I will use it or not, but I will come up with one. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2720 bytes Desc: not available Url : http://www.math.louisville.edu/pipermail/macgroup/attachments/20040524/8142b0bc/attachment.bin
