As I wrote earlier, it has been revealed that there was a protocol within Help.app that made it possible to execute arbitrary code on an OS X machine from a website. As it turns out, this vulnerability exists not just in Help.app, but also in FTP, Telnet, and AFP.
I am not going to go into detail describing the problem, as there is already an excellent description available here. I am just going to list how to fix the problem.
- Install Security Update 2004-05-24 to fix Help.app.
- If you are running 10.2, install Software Update 2004-05-24. If you are running 10.3, upgrade to 10.3.4. These updates fix telnet in their respective OSs.
- Turn off Safari's Open "safe" files after downloading option. If you use a different browser, be sure that it has automatic file launching disabled.
- Install RCDefault and configure the default application for AFP: Disk: and Disks: to "disabled". If you are using an FTP client like Fetch, then configure FTP to the appropriate application. If you do not have an FTP client, then set FTP to disabled (the default is Finder).
- If you want to test that the machine has been secured, you can go here for scripts to test each URI protocol.
Remember, if you have multiple users on a machine, you need to do the above steps for each user.
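To check the Safari step across every account on a machine, here is an added example (not from the original post or from Apple) that reads each user's Safari preferences and reports whether automatic opening is turned off. It assumes the checkbox is stored under the AutoOpenSafeDownloads key in Library/Preferences/com.apple.Safari.plist; the user names and directory tree in demo() are constructed sample data.

```python
import plistlib
import tempfile
from pathlib import Path

# Assumption: Safari keeps the 'Open "safe" files after downloading' checkbox
# under this key in each user's com.apple.Safari.plist.
PREF = Path("Library/Preferences/com.apple.Safari.plist")
KEY = "AutoOpenSafeDownloads"


def safari_auto_open(home):
    """Classify one home directory: disabled, enabled, unset or unreadable."""
    pref = Path(home) / PREF
    if not pref.is_file():
        return "unset"  # no Safari preferences for this user yet
    try:
        with pref.open("rb") as fh:
            prefs = plistlib.load(fh)  # accepts XML and binary plists
    except Exception:
        return "unreadable"  # damaged plist: check this account by hand
    if not isinstance(prefs, dict) or KEY not in prefs:
        return "unset"
    return "enabled" if prefs[KEY] else "disabled"


def audit_users(users_root):
    """Map each account under users_root to its Safari auto-open state."""
    report = {}
    for home in sorted(Path(users_root).iterdir()):
        if home.is_dir() and home.name != "Shared":
            report[home.name] = safari_auto_open(home)
    return report


def demo():
    """Build a constructed /Users-style tree and audit it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"alice": {KEY: False}, "bob": {KEY: True}, "carol": None}
        for name, prefs in samples.items():
            pref = Path(root) / name / PREF
            pref.parent.mkdir(parents=True)
            if prefs is not None:
                with pref.open("wb") as fh:
                    plistlib.dump(prefs, fh)
        (Path(root) / "Shared").mkdir()
        return audit_users(root)


if __name__ == "__main__":
    for user, state in demo().items():
        print(f"{user}: {state}")
```

Any account that does not report "disabled" still needs the setting turned off by hand; on a real machine, call audit_users("/Users") from an account that can read the other home directories.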
Thanks to John Gruber from whom I cribbed the above solution.