Apple Releases Security Updates, Addresses Safari RSS Vulnerability
Apple today released several security-related updates through Software Update and Apple's Support Downloads site.
Security Update 2009-001 addresses a number of vulnerabilities detailed in the update's support document, notably including the Safari RSS vulnerability disclosed in mid-January.
Multiple input validation issues exist in Safari's handling of feed: URLs. The issues allow execution of arbitrary JavaScript in the local security zone. This update addresses the issues through improved handling of embedded JavaScript within feed: URLs. Credit to Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook for reporting these issues.
The update is available in a number of versions:
- Leopard Universal (43.4 MB)
- Leopard Server Universal (46.54 MB)
- Tiger Intel (164.23 MB)
- Tiger PPC (74 MB)
- Tiger Server Universal (213 MB)
- Tiger Server PPC (141.76 MB)
Apple also released Safari 3.2.2 for Windows to patch the RSS vulnerability for Windows users.
Finally, Apple released Java updates for both Leopard (3 MB) and Tiger (1.6 MB). According to the support documents (Leopard, Tiger), both updates address the same vulnerabilities in the Java plug-in and Java Web Start.
Popular Stories
Last year, Apple launched CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. Nearly a year later, CarPlay Ultra is still limited to Aston Martin's latest luxury vehicles, but that should change fairly soon.
In May 2025, Apple said many other vehicle brands planned to offer CarPlay Ultra, including Hyundai, Kia, and Genesis.
CarPlay Ultra...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
While the AirPods Max 2 received more attention, Apple also released a second pair of headphones last month: Nike Powerbeats Pro 2.
Nike Powerbeats Pro 2 are the same as the regular Powerbeats Pro 2, except they have a two-tone design consisting of black and Nike's signature Volt neon green-yellow color. The headphones were released on March 20 in the U.S., Canada, Australia, the U.K., and a ...
Popular Stories
Last year, Apple launched CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. Nearly a year later, CarPlay Ultra is still limited to Aston Martin's latest luxury vehicles, but that should change fairly soon.
In May 2025, Apple said many other vehicle brands planned to offer CarPlay Ultra, including Hyundai, Kia, and Genesis.
CarPlay Ultra...
As we wait for WWDC to kick off next Monday, Apple today announced the winners of its annual Apple Design Awards, recognizing apps and games for their innovation, ingenuity, and technical achievement.
The 2025 Apple Design Award winners are listed below, with one app and one game selected per category:
Delight and Fun - CapWords (App) and Balatro (Game)
Innovation - Play (App) and PBJ -...
While the AirPods Max 2 received more attention, Apple also released a second pair of headphones last month: Nike Powerbeats Pro 2.
Nike Powerbeats Pro 2 are the same as the regular Powerbeats Pro 2, except they have a two-tone design consisting of black and Nike's signature Volt neon green-yellow color. The headphones were released on March 20 in the U.S., Canada, Australia, the U.K., and a ...
