Apple + Security & Privacy

Apple has released the latest update to Leopard, version 10.5.4, which in addition to fixing bugs and resolving problems, contains a number of security fixes. A total of 13 vulnerabilities are patched, touching such elements of the operating system as WebKit, Ruby, the SMB file server, and the Dock. This update does not, however, provide a fix for the ARDAgent vulnerability, that we recently wrote about. Perhaps it was too close to the release of the 10.5.4 update for Apple to get a fix in for this problem; or maybe Apple hasn’t figured out how to resolve the problem and maintain Apple Remote Desktop functionality. More information about this update, and download links, are available on this page. As usual, you can download the update using Software Update.

Together with this operating system update, Apple has released a security update far Macs running Tiger (Mac OS X 10.4), Security Update 2008-004, which fixes mostly the same problems as those corrected in Mac OS X 10.5.4. (Download links for this update are available here.) This update is available in four versions: PowerPC, Intel, and and Server PowerPC and Server Intel.

Finally, Apple has released Safari 3.1.2 for Mac OS X 10.4.11, which contains one fix for the program’s WebKit framework. Information about this update is available here.

So, whatever Mac or version of Mac OS X you run, fire up Software Update and see what updates are available for you.