Monday, September 20, 2010, 01:10 pm PT (04:10 pm ET)
Apple addresses file sharing security issue in Mac OS X 10.6.4Apple on Monday issued a security update for Mac OS X 10.6.4, addressing an issue that could allow a remote attacker to access shared folders without a valid password.
Security Update 2010-006 was issued Monday afternoon. It applies to Mac oS X 10.6.4 and Mac OS X Server. 10.6.4. The 1.93MB file is available through Software Update or direct from Apple.
The security update is recommended for all users of Snow Leopard, and it addresses an issue where a remote attacker could access shared folders on a system, as long as they knew the name of an account name on that system. By default, file sharing is not enabled on a Mac, meaning the issue would only affect those who have the service turned on.
The original problem was caused by an error handling issue in AFP Server within Mac OS X 10.6.4. The issue does not affect systems running a version of the operating system earlier than Snow Leopard.
On Topic: Mac OS X
- Apple to enable pixel-doubled 'Retina' mode for 4K monitors in OS X 10.9.3
- Apple issues first OS X 10.9.3 beta, asks developers to focus on graphics and audio
- Apple issues OS X Server 3.1 Preview beta with added supervised devices support
- Mac owners report OS X 10.9.2 update breaks AirPlay functionality
- Apple releases OS X 10.9.2 with fix for SSL security flaw, plus new FaceTime Audio