Slashdot Mirror


Remote iChat Exploit Patched

99BottlesOfBeerInMyF writes "Apple has released a security update to patch a hole in iChat. Apparently, correctly crafted links sent via iChat can execute programs if the path is known. If this allows for command line attributes to be included, it could be a pretty big hole; although it would still require some social engineering. The Apple description is here."

4 of 55 comments (clear)

  1. Re:All I want to know is... by timothv · · Score: -1, Flamebait

    Stop trying to justify extremely poor design choices. It could try to HUP the process, and if it goes wrong, ask the user to do a logout or reboot. There's often no need to reboot at all.

  2. Re:social engineering by thirteenVA · · Score: 0, Flamebait
    Seriously though, I could easily socially engineer anyone.

    OK, try socially engineering the mods on your way to -1 troll...

  3. Patching holes by Anonymous Coward · · Score: -1, Flamebait

    Forget about iChat, I'd like to "patch" this iPod user's holes!!

  4. Re:social engineering by Anonymous Coward · · Score: -1, Flamebait

    Poor... mac... user???

    Poor?!?

    I think not!

    But still, I love my Macs!!