Apple has released a new patch for Snow Leopard, Security Update 2010-006. This update only fixes a single issues, found in Apple File Protocol. Through an error handling problem in AFP Server, an attacker knowing a person’s account name can bypass password screening and access files in shared folders.
The issue is exclusive to Snow Leopard, and as a result there is just one version of the update, for client and server users. The patch only weighs in at 1.93MB. It can be downloaded via the web or Mac OS X’s Software Update feature.
