Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

 

 

Pick an apple! 
 
Use Expose to Open Files Quickly

Looking for an easy way to drag a file into a hidden application? First enter Expose's All Windows mode by hitting F9, then hover over an application's window while dragging your file, pause for a moment (or press the Space bar) and that window will spring to the foreground enabling you to open the file within that application.

Visit plucky tree

Submitted by
cricket

 
 

Security Update Patches Apple Remote Desktop

Send Article to a Friend

Security Update Patches Apple Remote Desktop -- Apple has released Security Update 2004-10-27, a patch to Apple Remote Desktop Client 1.2.4 that prevents a remote user from starting an application behind the login window, which would allow the application to run as root. The vulnerability exists on Mac OS X 10.3 systems with Apple Remote Desktop Client 1.2.4 installed and Fast User Switching enabled. On an unpatched system that has a user logged in, but the login window visible via Fast User Switching, an Apple Remote Desktop user with privileges to do so can start an application, which would run as root. (The vulnerability requires that the Remote Desktop user have a valid username and password to access the system; it does not expose the machine to unauthorized use.)

<http://docs.info.apple.com/article.html? artnum=61798>

The 832K download, available through Software Update or the Apple Downloads page, only applies to Mac OS X 10.3 and later operating systems, and isn't needed if Apple Remote Desktop has already been upgraded to version 2.1. [MHA]

<http://www.apple.com/support/downloads// securityupdate20041027ard.html>

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Andreas Steinmann, David Bearry, Rodger Stephens,
and Fredrik Jonsson for their generous support!