Apple releases Mac OS X Security update and Java updates

Apple has released the Security Update 2009-001 for Mac OS X today which improves the security of Mac OS X and recommended for all users.

The security update fixes the following:

  • Safari RSS vulnerability
  • Denial of service vulnerability in AFP server
  • A flaw in CoreText
  • A security flaw in Folder Manager that allows other local users access to a user's Downloads folder and other vulnerabilities.

The security update is available for Leopard, Leopard Server, Tiger for Intel Macs, Tiger for PowerPC-based Macs, Tiger Server for PowerPC-based Macs and Server Universal.

Two Java updates are also available which addresses security and compatibility issues and are compatible with both Intel and PowerPC-based Macs & applies to Mac OS X 10.5.6 or later versions.

The update can be downloaded and installed via Software Update or from Apple Downloads.

More information about the update can be obtained here

Report a problem with article
Previous Story

Microsoft to open retail stores

Next Story

Fresh Windows Mobile 6.5 screenshots

5 Comments

Commenting is disabled on this article.

Apple gave credit where credit was due in the release notes:

Multiple input validation issues exist in Safari's handling of feed: URLs. The issues allow execution of arbitrary JavaScript in the local security zone. This update addresses the issues through improved handling of embedded JavaScript within feed: URLs. Credit to Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook for reporting these issues.

(Emphasis mine.)

Good to see the two companies working together on security issues.

yup since the never give good details of the updates they offer like before it would just say Security Update and Java Update bugs were fixed lol