Security fixes galore
Three major software providers for the Mac have released updates that provide protection against security vulnerabilities.
Let's start with Apple.
Safari 4.0 is out, and whether or not you like the changes you should think seriously about installing it.
The reason is that not all of the 50-odd security fixes relate only to the beta version. At least two of the patches address issues that are present in Safari 3.x.
Security researcher Chris Evans has provided proof of concept exploits for a pair of XML vulnerabilities in Safari 3 that have been fixed in version 4.
Given that they allow remote servers to grab the contents of a local file or to steal sensitive information (eg details of your Gmail inbox) from another server that you're connected to, this seems like a fairly serious issue to me.
(Shortly after last week's post appeared, Apple pushed out updates for iMovie 8, iLife Support 9, iPhoto 8 and iDVD 7, plus Digital Camera RAW Compatibility Update 2.6. There doesn't seem to be any security content, but those compatibility and stability fixes are sufficient reason for me.)
Next there's Microsoft.
Updates to Office 2004 and 2008 provide protection against vulnerabilities in Word, Excel and PowerPoint that might allow maliciously crafted documents to trigger remote code execution.
The PowerPoint fix is the one that we've been waiting for since last month, when an update for Office for Windows was released.
Microsoft rates all three issues as "important" in Office for Mac.
As we've come to expect, the 2008 update is substantially bigger (268M) than its counterpart for 2004 (59M).
Rounding out the trinity is Adobe.
The company has released the first of its quarterly updates for Acrobat and Reader, with fixes for 13 issues that may allow remote code execution.
The easiest way to download and install the updates is to use Software Update, Microsoft AutoUpdate and Check for Updates in Adobe Reader.
If you need to apply them to more than one Mac, download the standalone updaters from the companies' web sites (Apple, Microsoft and Adobe).
 Subscribe to Hydrapinion
|
|
Recent Posts
Trackback address for this post
Trackback URL (right click and copy shortcut/link location)
Comment feed for this post
One of Australia's most experienced IT writers, Stephen Withers has been using and writing about Macs since 1984. His journalistic resume includes stints as editor of Australian MacUser and as Macintosh section editor of PC Week. He has also managed a PC and Mac support operation at one of the country's leading universities, and is active in the Mac user group community.
