Apple Releases Fixes For Safari Vulnerability

You might recall this post about a vulnerability in the Safari web browser that could allow “Evil Doers” to get to your personal data. Last night, Apple released a fix for that issue. If you’re a Windows user, you can download Safari 3.2.2 for Windows which kills this issue (you can read the details here). Meanwhile Mac users can download a security update that fixes this issue. Pick the security update that fits your Mac environment below:

Leopard Universal (43.4 MB)
Leopard Server Universal (46.54 MB)
Tiger Intel (164.23 MB)
Tiger PPC (74 MB)
Tiger Server Universal (213 MB)
Tiger Server PPC (141.76 MB)

Apple also released Java updates for both Leopard (3 MB) and Tiger (1.6 MB).  Both updates address the same vulnerabilities in the Java plug-in and Java Web Start that comes with MacOS X.

By the way, Brian Mastenbrook, (who discovered this issue) posted a blog entry detailing how he discovered the problem, why he issued a warning, and how long it ultimately took Apple to respond. Not to mention why Apple’s response sucks. To be fair though, he does tell them how they can fix their issues in terms of dealing with security problems. It’s worth a read.

Leave a Reply

%d bloggers like this: