Apple has released Security Update 2003-03-24 via Software Update and as a standalone 4.5 MB download. The update fixes a hole that could allow unauthorized remote access to the system via the open-source Samba code that underlies Mac OS X’s built-in Windows File Sharing available from the Sharing preferences pane. Also fixed is a problem with OpenSSL that could allow RSA private keys to be compromised. Although Windows File Sharing is off by default, the update is still important, and Apple recommends that all customers install it. That’s easy if you’re running Mac OS X 10.2.4 or Mac OS X Server 10.2.4, but Apple says those with earlier versions of Mac OS X must either update to 10.2.4 or visit the OpenSSL and Samba Web sites for additional information on the available fixes, not that we could find any that would be of use to a normal Mac user. Our advice? If you’re not running Mac OS X 10.2.4, keep Windows File Sharing turned off. If you are, install this security update.
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 32 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.