Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote iChat Exploit Patched

Posted by pudge on from the gotta-restart-now-brb dept.

99BottlesOfBeerInMyF writes "Apple has released a security update to patch a hole in iChat. Apparently, correctly crafted links sent via iChat can execute programs if the path is known. If this allows for command line attributes to be included, it could be a pretty big hole; although it would still require some social engineering. The Apple description is here."

11 of 55 comments (clear)

  1. Re:social engineering by Anonymous Coward · · Score: -1, Offtopic

    Mine's done. That link is just there for a friend. Look at his email address on the signup page when you click on the link if you don't believe me.

    Chris

  2. Re:social engineering by Anonymous Coward · · Score: -1, Offtopic

    ROFL

    Hint: change the url next time or use TinyUrl if you want me to click it.

    Chris

  3. Re:Wow... by PedanticSpellingTrol · · Score: -1, Offtopic

    Shock and Awe...

  4. Re:social engineering by Anonymous Coward · · Score: -1, Offtopic
    I agree... I propose a google bomb.

    Free iPods

  5. Re:All I want to know is... by Anonymous Coward · · Score: -1, Offtopic

    Because it replaced a core framework for handling urls. Lots and lots of other programs could potentially use it.

  6. Re:social engineering by Anonymous Coward · · Score: -1, Offtopic

    How hard is to to socially engineer the average mac user?

    I dunno, but I'd sure like to "socially engineer" this iPod user - "it" might be "hard"!!

  7. not work safe! by Anonymous Coward · · Score: -1, Offtopic

    note the above work link is not work safe.

    1. Re:not work safe! by Anonymous Coward · · Score: -1, Offtopic

      Well duh. If you didn't figure it out from the blatant innuendo, then you deserve to be caught looking at it from work. Still... nice, eh? :)

  8. Patching holes by Anonymous Coward · · Score: -1, Offtopic

    Forget about iChat, I'd like to "patch" this iPod user's holes!!

  9. Re:social engineering by spicyjeff · · Score: 0, Offtopic

    Actually, Alt is the same as Option on a Mac keyboard and F4 is also the 'lower volume' key. So Option+LowerVolume (Alt+F4) opens the sound control panel. Same for Option+F3 or F5 and then F1 and F2 for brightness opens the display control panel.

  10. The greatest social engineering feat... by Anonymous Coward · · Score: -1, Offtopic

    ...has been what Microsoft has been feeding PC users all these years.

    You just now get a firewall? LOL