The two OS X flaws allow malicious code to be transmitted through Internet browsers -- such as Internet Explorer -- on which users have left the default settings in place. Even after downloading the patch, "it is still possible to execute arbitrary code on a vulnerable user's system," says security expert Niels Henrik Rasmussen.

Apple issued a patch on Friday in response to the discovery of two OS X holes that allow malicious code to travel from Internet sites to users' computers. Apple's announcement of the patch included a statement that the vulnerabilities created by the holes are "theoretical," and that users that regularly download patches to their operating systems receive such fixes routinely.
This specific patch, however, leaves users "just as vulnerable as they were before," Niels Henrik Rasmussen, CEO of computer security firm Secunia, told NewsFactor.

Two Flaws, One Patch

The two flaws allow malicious code to be transmitted through Internet browsers -- such as Internet Explorer -- on which users have left the default settings in place. Even after downloading the patch, though, "it is still possible to execute arbitrary code on a vulnerable user's system," said Rasmussen.

The first flaw exploits a vulnerability in the OSX "help" URI handler, and the patch addresses that. However, by downplaying the critical nature of the flaw, Apple is failing to convey to users the importance of downloading the patch, according to Rasmussen.

Apple has yet to learn the lessons of operating-system competitor Microsoft, which routinely describes the nature and impact of most vulnerabilities, allowing customers to determine whether to fix a problem. Network administrators routinely use the rating system to create a schedule for implementing fixes or to group them into workable categories.

Manual Fix

In addition, Rasmussen says, Apple did not address the second vulnerability -- "disk" URI -- at all. This hole allows malicious code to be placed on a PC without the user's knowledge.

Secunia has recommended a series of manual steps that users can follow to eliminate the holes. By unchecking the "Open 'safe' files after downloading" item in Internet preferences and adding a protocol helper (application) for the "disk" and "disks" items, says a Secunia advisory, users can protect their systems.

You can view the original article here...
http://www.newsfactor.com/story.xhtml?story_title=S...4176&category=netsecurity