Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals

Security Update 2004-06-07 Plugs Launch Services Holes

Just as we were about to wrap this issue, including a brief bit about an update to Paranoid Android – Unsanity’s hack for warning the user about the launching of unknown URL schemes – Apple released Security Update 2004-06-07, which claims to fix all of the recently identified security vulnerabilities in Mac OS X (see our articles on the topic in TidBITS-731 for full details on what was broken).

<https://tidbits.com/getbits.acgi?tbart=07679>

<https://tidbits.com/getbits.acgi?tbart=07680>

<http://www.unsanity.com/haxies/pa/>

In short, the security update revises Launch Services so it alerts the user to applications that have not been explicitly launched before (with a dialog along the lines of the one Paranoid Android puts up). It also removes the registration of the disk URL scheme so disk images accessed via disk URLs no longer mount automatically. A change to Safari eliminates a feature that could open certain downloaded files when the Show in Finder button was clicked. And lastly, an unrelated fix enables telnet URLs to have port numbers specified with them again; that functionality had been removed by a previous security update. See Apple’s articles on the topic for more details and a look at the new alert.

<http://docs.info.apple.com/article.html? artnum=61798>

<http://docs.info.apple.com/article.html? artnum=25785>

Security Update 2004-06-07 is available via Software Update; it’s also available as a 900K standalone download for both Mac OS X 10.3.4 and Mac OS X 10.2.8.

<http://www.apple.com/support/downloads/ securityupdate_2004-06-07_(10_3_4).html>

<http://www.apple.com/support/downloads/ securityupdate_2004-06-07
(_10_2_8).html>

Needless to say, we haven’t had time to evaluate how well Apple’s fixes work or if they cause any other problems, but we’ll be tracking user reports on TidBITS Talk and other forums in the upcoming week.


Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.