Remote iChat Exploit Patched
99BottlesOfBeerInMyF writes "Apple has released a security update to patch a hole in iChat. Apparently, correctly crafted links sent via iChat can execute programs if the path is known. If this allows for command line attributes to be included, it could be a pretty big hole; although it would still require some social engineering. The Apple description is here."
Mine's done. That link is just there for a friend. Look at his email address on the signup page when you click on the link if you don't believe me.
Chris
ROFL
Hint: change the url next time or use TinyUrl if you want me to click it.
Chris
Shock and Awe...
Free iPods
Because it replaced a core framework for handling urls. Lots and lots of other programs could potentially use it.
How hard is to to socially engineer the average mac user?
I dunno, but I'd sure like to "socially engineer" this iPod user - "it" might be "hard"!!
note the above work link is not work safe.
Forget about iChat, I'd like to "patch" this iPod user's holes!!
Actually, Alt is the same as Option on a Mac keyboard and F4 is also the 'lower volume' key. So Option+LowerVolume (Alt+F4) opens the sound control panel. Same for Option+F3 or F5 and then F1 and F2 for brightness opens the display control panel.
...has been what Microsoft has been feeding PC users all these years.
You just now get a firewall? LOL