This Week's Sponsor:

Winterfest 2024

The Festival of Artisanal Software


Apple Releases Security Update 2010-006 for Snow Leopard

Time for another security update, folks. Apple has just released the Security Update 2010-006 for Snow Leopard (server and client versions) which is available here or, as usual, in Software Update.

The update addresses an issue where AFP shared folders could be accessed by a remote attacker using an invalid password. Go update. Or, check out the full update description below.

Security Update 2010-006

AFP

CVE-ID: CVE-2010-1820

Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4

Impact: A remote attacker may access AFP shared folders without a valid password

Description: An error handling issue exists in AFP Server. A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders. By default, File Sharing is not enabled. This issue does not affect systems prior to Mac OS X v10.6. Credit to Richard Noll for reporting this issue.

Access Extra Content and Perks

Founded in 2015, Club MacStories has delivered exclusive content every week for nearly a decade.

What started with weekly and monthly email newsletters has blossomed into a family of memberships designed every MacStories fan.

Learn more here and from our Club FAQs.

Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with apps, tips, automation workflows, longform writing, early access to the MacStories Unwind podcast, periodic giveaways, and more;

Club MacStories+: Everything that Club MacStories offers, plus an active Discord community, advanced search and custom RSS features for exploring the Club’s entire back catalog, bonus columns, and dozens of app discounts;

Club Premier: All of the above and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.