Apple Releases Security Updates, Addresses Safari RSS Vulnerability
Apple today released several security-related updates through Software Update and Apple's Support Downloads site.
Security Update 2009-001 addresses a number of vulnerabilities detailed in the update's support document, notably including the Safari RSS vulnerability disclosed in mid-January.
Multiple input validation issues exist in Safari's handling of feed: URLs. The issues allow execution of arbitrary JavaScript in the local security zone. This update addresses the issues through improved handling of embedded JavaScript within feed: URLs. Credit to Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook for reporting these issues.
The update is available in a number of versions:
- Leopard Universal (43.4 MB)
- Leopard Server Universal (46.54 MB)
- Tiger Intel (164.23 MB)
- Tiger PPC (74 MB)
- Tiger Server Universal (213 MB)
- Tiger Server PPC (141.76 MB)
Apple also released Safari 3.2.2 for Windows to patch the RSS vulnerability for Windows users.
Finally, Apple released Java updates for both Leopard (3 MB) and Tiger (1.6 MB). According to the support documents (Leopard, Tiger), both updates address the same vulnerabilities in the Java plug-in and Java Web Start.
Popular Stories
Apple is set to release iOS 18.2 in December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as well.
...
The first Geekbench 6 benchmark results for the M4 Pro chip surfaced today. Impressively, the results that are available so far show that the highest-end M4 Pro chip is faster than the highest-end M2 Ultra chip in terms of peak multi-core CPU performance.
Here is a comparison of the results:
Mac mini with M4 Pro (14-core CPU): 22,094 multi-core score (average of 11 results)
Mac Studio...
The iPhone SE 4 that's set to come out early next year is expected to debut Apple's first in-house 5G modem, according to Jeff Pu, an analyst who covers companies within Apple's supply chain.
In a research note this week with Hong Kong-based investment firm Haitong International Securities, Pu said Apple is expected to roll out its custom-made 5G modem starting with the next-generation...
Apple today announced new 14-inch and 16-inch MacBook Pro models featuring M4 Pro and M4 Max chips, alongside a new entry-level 14-inch MacBook Pro powered by the M4 chip.
Subscribe to the MacRumors YouTube channel for more videos.
The new M4 Pro and M4 Max machines come with a minimum of 24GB of Unified Memory as standard, up from 18GB in the previous models. Both models feature three...
While the new MacBook Pro lineup features faster M4 chip options, Thunderbolt 5 support for higher-end configurations, a nano-texture display option, and more, most of the previous MacBook Pro models with Apple silicon chips still offer the latest overall design, and fast performance, which might lead you to avoid upgrading this year.
If you are planning to skip the new MacBook Pro, here are ...
Apple today in its new MacBook Pro press release announced that the MacBook Air lineup now starts with 16GB of RAM, up from 8GB previously.
This change applies to the 13-inch model with the M2 chip, the 13-inch model with the M3 chip, and the 15-inch model with the M3 chip.
In the U.S., the MacBook Air lineup continues to start at $999, so there is no price increase associated with the...
Apple has reached an agreement to acquire Pixelmator, the company behind popular photo and image editing apps Pixelmator Pro, Pixelmator for iOS, and Photomator. The acquisition is subject to regulatory approval, according to an announcement made by the Pixelmator team on Friday.
Based in Vilnius, Lithuania, Pixelmator has developed a suite of well-regarded creative tools that compete with...