Site icon MacTech.com

Mac OS X Web hole still open for some users

Last week’s security update did not properly fix the HFS+ filesystem vulnerability for some Mac OS X users, according to security firm NetSec. “The fix put out by the company at the end of last week will only address the security flaw for OS X systems running the Apache web server which is shipped by default,” reports Techworld. “Customers using other web servers such as 4D WebSTAR remain vulnerable the managed security specialist has claimed. In addition, those running modified versions of the Apache web server on OS X would not have received the update patch automatically, but would not necessarily realise this. The vulnerability risks allowing attackers to exploit URLs to gain access to back-end data structures and carry out website defacement or information theft.”

Exit mobile version