Free tech support / small logo


Fixing a Mac OS X Safari vulnerability

A letter came in this morning:
Help! I read about some sort of major security hole where people can exploit the Safari help system and drop junk onto my computer? What's that all about? How can I avoid it being a danger on my computer?
Dave's Answer: The problem here is that like all Web browsers, Apple's Safari browser associates different applications with different protocols. Go to a 'http:' URL and it'll act differently than if you go to a 'mailto' URL, for example.

In this case, it appears that the Help Viewer with Mac OS X has some unexpected vulnerabilities that some delinquent hackers have realized can be exploited to get onto your computer if you're running Mac OS X. Obviously not good.

To fix this you need to associate a different application with the "help:" protocol in Safari. Unfortunately, Safari doesn't let you tweak these so-called protocol helpers so you either need to swoop into the XML preferences file and edit by hand (not recommended!) or install a nice - free - application called MoreInternet from MonkeyFood.com. Install that, then start it from the Apple -> System Preferences menu. Then it's a breeze; find the "help" protocol and either just delete it (that's what I did) or associate it with an application other than the Help Viewer (try "Chess" for something amusing).

That should solve the problem until Apple comes up with a more logical fix, like a version of Help Viewer that doesn't have this vulnerability!




Categorized: Mac OS X Help   (Article 3701, Written by )
Tagged:
Previous: Is there any hidden importance to the page TITLE?
Next: How do I optimize my site for search engines?




Subscribe!
Never miss another Q&A article! Click to subscribe: Add to Google Reader Add to My Yahoo! Subscribe in NewsGator RDF XML
Comments
Rather amazingly, there are no comments on this article yet.

I have something to say, now that you mention it, but ...
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you for all your efforts on this Web site by buying you a cup of coffee!

I do have a comment, now that you mention it!











Remember personal info?


Please note that I will never send you any unsolicited email. Ever.

While I'm at it, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site.









Recent Entries


Search
I Need Help!
Need Help? Ask Dave Taylor!

Even More Help

film blog - social media / blogging speaking - business blog - Colorado photography - free tech support
© 2002 - 2012 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

[whiteboard marker tray]
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.