Stopping the Worm
By now most of us, I hope, are aware of the new vulnerability discovered in OS X. It is a very bad one and I’m sure it will be attacked by hackers very quickly. Yesterday I decided to research it and do something to defend our household Macs.
The best information I found was a really well-written article at http://daringfireball.net/2004/05/help_viewer_security_update .
So here is what I did yesterday, for all four active Macs at my house:
1. Download RCDefaultApp from http://www.rubicode.com/Software/RCDefaultApp/ . This is a new pane for System Preferences.
2. Install it by double-clicking it. It asks whether you want it to be there for all users, or just the current one. Answer either way. It will launch System Preferences with the pane open.
3. The pane shows you a list of names of HTML schemes that can be sent from web sites to make your computer do various things. You want to disable five of them: afp, disk, disks, ftp, and telnet.
4. To disable a scheme, select it and then choose <disabled> from the pop-up menu to the right. When you’ve disabled all five, quit System Preferences.
5. Start Safari, open its Preferences, and select General. In the General pane, UNcheck the “Open ‘safe’ files after downloading” checkbox.
6. All better now. The only difference you will see is that when you download something from the web, it will not automatically open in the Finder.