On Feb 22, 2006, at 5:52 AM, RobK wrote:
> According to ZDNet:
>
> "Users of alternative browsers such as Firefox and Camino on the
> Mac are not exposed to the Web-based attack vector, experts said."
>
I am going to be a bit cautious on this claim because the exploit is
aimed at how OS-X handles the shell scripts that are handed off to
it, not at Safari or Mail per-se.
> If you need some frustrating entertainment, go to Google News and
> follow the OSX virus link. There are 45 related stories (as of this
> morning) relating the doom and gloom for Apple now that it's
> inundated with viruses.
>
Guess Apple will just have to move to AMD or back ti IBM for those
processors, huh :^).
Jerry
>
> Jerry Yeager wrote:
>
>> If you are a Safari user, open your Preferences and click on the
>> General tab. There is an option to allow you to Open "safe" files
>> after downloading. A while back it was recommended that you leave
>> this unchecked, but there have been several upgrades to Safari and
>> it may have inadvertently gotten turned back on.
>>
>> IF it is checked 'on', turn it back off for a while (uncheck it).
>>
>> There is a new way of web-sites taking advantage of your visit to
>> download a type of shell file that can compromise your system.
>> Apple should be releasing a fix soon, like they did before (the
>> new exploit is a version of the previous one -- just taking
>> advantage of a slight error that Apple did not catch last time).
>>
>> For more info:
>> http://secunia.com/mac_os_x_command_execution_vulnerability_test/
>>
>>
>> Note: this is more of an OS-X issue than a Safari issue. Make
>> sure that if you use FireFox or Camino or whatnot you take
>> similar precautions.
>> Extra note: This is still NOT a virus! But it is something to be
>> aware of.
>> Extra extra note: I apologize for ending the previous sentence
>> that way :^)
>>
>> Jerry
>>
>> -----------------------------------
>> Someday, I will come up with a clever signature line. I am not
>> sure if I will use it or not, but I will come up with one. In the
>> mean time this next one will have to do:
>>
>> ====================
>> 'W' Is for wiretap and a little more...
>>
>>
>>
>>
>
>
> | The next meeting of the Louisville Computer Society will
> | be February 28 at Pitt Academy, 6010 Preston Highway.
> | The LCS Web page is <http://www.kymac.org>.
> | List posting address: <mailto:macgroup at erdos.math.louisville.edu>
> | List Web page: <http://erdos.math.louisville.edu/macgroup>
-----------------------------------
Someday, I will come up with a clever signature line. I am not sure
if I will use it or not, but I will come up with one.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2373 bytes
Desc: not available
Url :
http://www.math.louisville.edu/pipermail/macgroup/attachments/20060222/6a611289/attachment.bin
