Apple has issued a rare single-vulnerability security update for an AFP issue whereby “A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders.” This is a critical flaw, and if Apple issued this update on its own, they certainly felt that it was essential to get it installed as soon as possible. This only affects Snow Leopard (Mac OS X 10.6), but all users should apply this update immediately by running Software Update, or downloading the updater from Apple’s Downloads page.
Full information is here.
