Hi, Am Sonntag den, 7. Juli 2002, um 06:21, schrieb Russell Harding: > ---------------------------------------------------------------------------- > MacOS X SoftwareUpdate Vulnerability. > ---------------------------------------------------------------------------- > > Date: July 6, 2002 > Version: MacOS 10.1.X and possibly 10.0.X > Problem: MacOS X SoftwareUpdate connects to the SoftwareUpdate Server via > HTTP with no authentication, leaving it vulnerable to attack. [...] > Solution/Patch/Workaround: [...] A possible workaround: System Preferences -> Software Update -> Update Software: [x] Manually Donīt touch the "Update Now"-Button! Look for updates on http://www.info.apple.com/support/downloads.html Use trusted networks or http-to-mail gateway to get the files. HTH, Julian
