“A vulnerability in Apple’s Mac OS X results in a potential situation in which a malicious person could execute arbitrary commands on your machine, such as deleting your home directory, or doing other harmful actions. This vulnerability involves the use of URL ‘schemes.’ These are the part of a web address that specifies what program should be used to handle the address,” Unsanity.com reports.
“Paranoid Android can protect you from this potential vulnerability until Apple makes an official fix available. It does this by watching the URL schemes that are requested and delaying them until you’ve had a chance to say whether you’d like to proceed or not. If you know that the url that’s being loaded is legit, go ahead, but if it looks suspicious, Paranoid Android gives you an opportunity to cancel it,” Unsanity.com reports. “Paranoid Android is completely free – we do this for the benefit of Mac community. You can check out our other products too.”
Version 1.1 (May 22, 2004)
– Protected applications now appear in the APE Manager preference pane under Enhanced Applications.
– Added support for Jaguar.
– Added more permitted URL schemes. The permitted schemes are ‘http’, ‘https’, ‘ftp’, ‘mailto’, ‘itms’, ‘addressbook’, ‘rtsp’, ‘pnm’, ‘ical’, ‘webcal’, ‘sherlock’, ‘guikit’, and ‘file’.
More info and download link here.
Related MacDailyNews article:
Unsanity releases free utility to fix Mac OS X ‘URL Schemes’ vulnerability – May 20, 2004