Apple has released Security Update 2010-006 [1], an update exclusively for Macs running Mac OS X 10.6.4 Snow Leopard. The update corrects a vulnerability in AFP Server [2], which manages file sharing. In certain situations, a remote attacker who knew a valid username on your Mac could log in without knowing the password, and access folders shared via AFP. Apple recommends everyone running 10.6.4 - both the desktop and server versions - install the patch, which is available via direct download or Software Update. (Free, 1.93 MB)
[1]: http://support.apple.com/kb/DL1105
[2]: http://support.apple.com/kb/HT4361