Start your engines -- er, Apple menus -- it's Software Update time! Apple has just issued two security updates today. The first
is aimed at Java for OS X 10.5.6 and the Java Web Start and Java Applet components. The second update
is for both Mac OS X 10.4.11 and Mac OS X 10.5.6 is a broader security update that addresses the Safari RSS vulnerability
we discussed last month, as well as a number of other components (including perl, AFP Server and Remote Apple Events).
You'll need to restart your system after installing the security update -- but we recommend you do so, this stuff looks important!
Brian Mastenbrook, who discovered
the Safari RSS vulnerability has posted a blog entry
detailing how he discovered the problem, why he issued a warning and how long it ultimately took Apple to respond (6 months!). It's good reading and a good discourse on how our favorite company handles security threats and how they might want to improve.