Apple releases patch for 10.6.4 to fix file-sharing security

Apple has released a security update (Security Update 2010-006) for OS X 10.6.4 Snow Leopard, which addresses a problem uncovered in the OS where a remote attacker could use a known username to access files in shared folders.

Apple has released a security update (Security Update 2010-006) for OS X 10.6.4 Snow Leopard, which addresses a problem uncovered in the OS where a remote attacker could use a known username to access files in shared folders.

This patch is specific for the Snow Leopard client and server releases and should be installed if you have file sharing enabled. By default the file-sharing services in OS X are not enabled, so there is no immediate threat if you are not using this feature; however, many users do enable this option, especially on server systems.

The update should be available via Software Update, but is also available as a direct download from Apple's Web site (1.93MB).

The update will just replace the AppleFileServer "CoreServices" application, along with its relevant Launch Daemon property list. You will need to restart your system after installing the update.



Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.

About the author

    Topher, an avid Mac user for the past 15 years, has been a contributing author to MacFixIt since the spring of 2008. One of his passions is troubleshooting Mac problems and making the best use of Macs and Apple hardware at home and in the workplace.

     

    ARTICLE DISCUSSION

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    Hot on CNET

    CNET's giving away a 3D printer

    Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.