Apple releases patch for 10.6.4 to fix file-sharing security

Apple has released a security update (Security Update 2010-006) for OS X 10.6.4 Snow Leopard, which addresses a problem uncovered in the OS where a remote attacker could use a known username to access files in shared folders.

Apple has released a security update (Security Update 2010-006) for OS X 10.6.4 Snow Leopard, which addresses a problem uncovered in the OS where a remote attacker could use a known username to access files in shared folders.

This patch is specific for the Snow Leopard client and server releases and should be installed if you have file sharing enabled. By default the file-sharing services in OS X are not enabled, so there is no immediate threat if you are not using this feature; however, many users do enable this option, especially on server systems.

The update should be available via Software Update, but is also available as a direct download from Apple's Web site (1.93MB).

The update will just replace the AppleFileServer "CoreServices" application, along with its relevant Launch Daemon property list. You will need to restart your system after installing the update.



Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Metal Gear Solid V gets a perfect 10

Jeff Bakalar talks with GameSpot's Peter Brown about his perfect 10 review score of Metal Gear Solid V: The Phantom Pain.

by Jeff Bakalar