Apple releases fix for sharing flaw

Apple has released a patch for Mac OS X Snow Leopard, fixing a potentially nasty bug which allowed ne'er-do-wells access to shared folders without knowing the password.

Snow Leopard Security Update 2010-006 is now available, and Apple recommends that "all users" update as soon as possible, as the patch "improves the security of Mac OS X."

Although Apple is sticking to its usual habit of not confirming precisely what flaw is fixed by a particular patch - at least until the patch is rolled out to the majority of customers - the fix is thought to address a rather thorny remote access vulnerability in the operating system.

Ordinarily, the only way to gain access to shared folders and files on a Mac OS X-based system is to know two pieces of information - the user name, and the password. Owing to a coding error, researchers - and those with less high-brow intentions - discovered that it is possible to gain access to these protected areas knowing just the user name.

While non-shared folders weren't affected by the bug, it's still a pretty serious flaw - and Mac owners will be pleased to hear that the problem is now resolved.

The update can either be installed automatically or manually downloaded from Apple's update page.