Solution
Alright, yeah it does look like a security hole, but it really isn't. What internet explorer does is when it downloads a BinHex document, it simply unencodes it into what ever it was supposed to be (usualy a stuffit archive) it does not execute the program contained within the document, therefore the only real exploitation of this would be to write the a virus that looks like a BinHex document to the computer, but executes like an app. Either way, such a file would be detrimental to all computers not just OS X ones.
As for fixing it, all it simply requires is to go into IE's preferences and turn off auto-unencode and auto un-stuff.
-
Huge security hole in Internet Explorer for MacOS
Internet Explorer 5.1, which comes preinstalled on MacOS X 10.1, has a huge security hole---when it downloads arbitrary programs encoded in the Macintosh's standard BinHex (.hqx) format, it automatically executes them. " Well I guess thats one way to make Unix insecure. Can anyone actually confirm this since it looks kinda sketchy. I wonder what someone's rationale would be for that:"Oh this won't hurt anyone, and saving that extra 'OK' click will be great!".
Taken from slashdot.com
Leave a comment: