|
|
I have, and it's the most effective method available.
Inside the Help.app package, there is a file named Info.plist. This is an XML property list document. In it is a field that controls Help's ability to run Applescripts.
Find the field named "NSAppleScriptEnabled" and change the boolean value to "No". You can do this with Property List Editor, or with Text Edit if you remember to save it as plain text with UTF-8 encoding. This will disable prevent the script from running, as it requires Applescript for functionality. I have tested this, and so have other people, and it works. Safari will download the image, mount it if allowed, Help will launch, and that's it. No need to disable Help at all, although not auto-opening files is still a very good idea.
See more at MacCentral.
NSAppleScriptEnabled boolean No is great!
This seems to be the most sane and unobtrusive "quickfix" for this exploit; I don't notice any loss of functionality other than that specific to this exploit. Help Viewer still works and can still "open System Preferences for me" from help pages, and the dmg and local application vectors no longer are open doors (remapping disk:// and disks:// is probably an additional safeguard; who has ever used them?)
NSAppleScriptEnabled boolean No is great!
Thank you!!!
I'm glad that at least two people bothered to read all of the offered solutions!!
I can understand that people are in a fit trying to find a 'quick fix' solution for this, as it is kinda scary, but there is a better solution out there than remapping the help:// protocol, and this is it.
Please, people, give this a try. It works, and works well, across all users on any system, can be transparently fixed when Apple finally issues a fix through Software Update, and can be simply reversed or reapplied as necessary. Don't just jump on the first solution offered, or the most popular one; it may not be the most practical one.
Jeez, can you tell that Mac users are not used to dealing with the stress of this kind of vulnerability?
NSAppleScriptEnabled boolean No is great!
Yes, and the easiest way to do this is with a single instruction issued from the command line in the Terminal. Notice that you must have administrative rights on the Mac in question to undertake this fix.
Open a Terminal window and type (or copy and paste) the following:
This will set the boolean switch as recommended here. Yes, I posted a similar reply below, but given the length of the comments here I thought repeating it might be helpful for some, and yes, I did get this from the MacInTouch homepage Thursday morning. Hope this is helpful.
I have, and it's the most effective method available.
In mine, I changed "true/" to "false/" |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.07 seconds |
|