The First Apple Security and Java Update of 2009
Article by George Norman
On 13 Feb 2009
The Cupertino software developer behind the Mac OS X, has issued two updates for their operating system that include improvements to the Java platform and plug some security holes affecting the Mac OS X 10.5.6 Leopard and Mac OS X 10.4.11 Tiger, including the Safari RSS vulnerability that could allow someone with malicious intent to read the data stored on your machine.

The first security update of 2009 that Apple put out is adequately named “Security Update 2009-001" and is available for Leopard, Leopard Server, Tiger for Intel Macs, Tiger for PowerPC-based Macs, Tiger Server for PowerPC-based Macs, and Server Universal. There are two simple methods of keeping your system protected and up-to-date. The first is to go to System Preferences, click Software Update and let the process occur automatically. A more hands-on approach would be to get the update directly from Apple (download location available here).


Brian Mastenbrook, the developer that initially discovered the Safari RSS vulnerability mentioned above, comments: “Once I discovered the issue, I promptly reported it to Apple, including a proof of concept which demonstrated reading a local file. This issue was reported on July 11, 2008. After six months passed without a fix, I decided to post a warning on January 11, 2009, due to my judgment that this issue could be exploited at any time as long as it remains unfixed. So why did it take seven months for Apple to deliver a fix? What does this say about Apple's commitment to protecting the security of its users? Neither I nor anyone else who is not at Apple can answer these questions for certain.”

Security Update 2009-001 also addresses some flaws affecting the following: APF Server , Apple Pixlet Video, ClamAV, CoreText, Python, SMB, X11, Printing, DS Tools, CarbonCore, CFNetwork, Certificate Assistant, Cups, fetchmail, Folder Manager, FSEvents, perl, Network Time, Remote Apple Events, servermgrd, SquirrelMail, Xterm. These vulnerabilities can be exploited for DoS (denial of service) attacks, arbitrary code execution, gain access to system privileges, and expose passwords.

Tags: Apple, Mac OS X, Java, Security Update 2009-001
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
The First Apple Security and Java Update of 2009
HTML Linking Code