Simon Willison’s Weblog

Items tagged security, osx

Filters: security × osx ×


Critical Mac OS X Java Vulnerabilities. There’s a five month old Java arbitrary code execution vulnerability which hasn’t yet been patched by Apple. Disable Java applets in your browser until it’s fixed, or random web pages could execute commands on your machine as your user account. # 19th May 2009, 7:07 pm

A Roundup Of Leopard Security Features (via) Thomas Ptacek’s overview of the new security features in Leopard. Guest Accounts are worthless from a security P.O.V., but I still plan to use one for our PowerBook that’s now just a media player. # 31st October 2007, 5:30 pm

Secure wireless email on Mac OS X. Doug Bowman’s tutorial on SSH Tunnel Manager and wireless security. # 8th February 2005, 11:20 am

OS X Security Update 2004-09-07 (via) Plenty of important fixes; a must-have. # 8th September 2004, 3:45 pm

Daring Fireball: Security Cannot Be Spun. Apple’s communication handling of the recent security problem was atrocious. # 31st May 2004, 4 am

Mac OS X helpviewer security flaw fixed. Hit Software Update. Not sure if this fixes the telnet: variety though. # 22nd May 2004, 5:08 am

Defending against the OS X help: vulnerability

There’s a nasty OS X vulnerability under discussion at the moment which lets a web page execute code on your machine by taking advantage of a flaw in the “help:” protocol. There’s a non-malicious demonstration of the exploit on this page, and Jay Allen is hosting a discussion on the exploit and ways to avoid it.

[... 253 words]

Mac OS X URI Handler Arbitrary Code Execution (via) Very nasty: affects all web browsers, allows compromise by malicious web sites. # 18th May 2004, 3:39 pm