Patch for Mac OS X file sharing
Apple's Security Update 2010-06 for Max OS 10.6.4 (Server and Client) has been released to close one hole in the AFP (Apple Filing Protocol). According to Apple, it is possible to outwit the password validation when connecting, and with knowledge of an account name, to access shared volumes on a host system. By default, file shares are not active and are usually only LAN accessible.
According to Apple, versions prior to Mac OS X 10.6 are not affected. The update is available through Mac OS X's Software Update functionality or, as a 2MB standalone update, to download.