Existing users, log in.  New users, create a free account.  Lost password?

Mac OS X  |  Security / Privacy  |  Other Security / Privacy  |  Don't go there GURLfriend!  |  Not a real fix

Don't go there GURLfriend!

Don't go there GURLfriend!

Fixes the help:// exploit

Version:  1.1

   [ Views: 407 ]

Not a real fix

Feedback Type:  Review

Contributed by: osax Wednesday, May 19 2004 @ 03:21 AM PDT

Product Platform: MacOSX

Used Product For: Less than a month

Recommend Product: NO

The idea behind the fix is good, however the script keeps a copy of the "evil" Help Viewer Script called "OpnAppBACKUP.scpt".

A malicious web site could now target specifically this copy of the script and achieve the same results as before. Moreover, this copy could be left there even after an official fix by Apple, so your computer would still be vulnerably, albeit to a variant of the original attack.

Note to developers: remove the backup copy, it causes more harm than good.   
Overall Rating:

Ease of Use:

Support:

Features:

Quality / Stability:

Price:

2 of 3 users found this helpful.

Rate this Review

Was this Review helpful? Yes | No

Comments

0 comments |

No user comments.