Apple Computer Inc. on Thursday released its third security update in recent days. Security Update 2004-09-16 fixes a security issue with Apple’s iChat application that allowed Remote iChat participants can send “links” that can start local programs if clicked.
According to notes from
Apple’s security Web site, a remote iChat participant can send a “link” that references a program on the local system. If the “link” is activated by clicking on it, and the “link” points to a local program, then the program will run.
Apple said that iChat has been modified so that links of this type will now open a Finder window that displays the program instead of running it.
Updates are available for the following iChat versions:
iChat AV v2.1 (Mac OS X 10.3 or later)
iChat AV v2.0 (Mac OS X 10.2.8)
iChat 1.0.1 (Mac OS X 10.2.8)
The update is also Available via the Software Update System Preference in Mac OS X.