Apple releases security, Java updates

Apple on Thursday released the first security update of 2009, the aptly named Security Update 2009-001. The update, which is available in versions for Leopard, Leopard Server, Tiger for Intel Macs, Tiger for PowerPC-based Macs, Tiger Server for PowerPC-based Macs, and Server Universal addresses a number of flaws in OS X. Security Update 2009-001 is recommended for all users and is available via Apple's site or Software Update.

Among the fixes in Security Update 2009-001 are a patch for the Safari RSS vulnerability demonstrated by developer Brian Mastenbrook last January. Also fixed were a denial of service vulnerability in AFP server, a flaw in CoreText that could allow maliciously crafted Unicode content to execute arbitrary code, and a security hole that could let other local users access a user’s Downloads folder, and several other vulnerabilities.

In addition, Apple also posted two Java updates: Java for Mac OS X 10.5 Update 3 and Java for Mac OS X 10.4, Release 8. Both updates are said to “address security and compatibility issues” and are compatible with both Intel and PowerPC-based Macs.

To comment on this article and other Macworld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.