Security & Privacy

While all the hullabaloo yesterday was about OS X 10.8 Mountain Lion, Apple also released a number of other software updates. Two of them caught our interest because of the many security fixes they contain.

Safari 6, available as part of Mountain Lion but also released for Lion (10.7), fixes more than 120 vulnerabilities, over 100 of which affect WebKit, the HTML rendering framework used by Safari and by other applications that display HTML pages (such as Apple’s Mail, many RSS readers, etc).

Xcode 4.4, Apple’s development environment, available for Lion and Mountain Lion, fixes two security issues. One that is particularly problematic is described as follows:

Helper tools built with Xcode allow any App Store application to read their keychain entries

Users running Lion can get a new copy of Safari from Software Update. Xcode is available from the Mac App Store, and updates to Xcode are provided through that application.

More information about these updates can be found on Apple’s security updates page. As of this writing, there are not yet links to full reports about these updates.