Apple has released a new security update for Mac OS X 10.3.6 called Security Update 2004-12-02. The update addresses issues with several key components of Mac OS X, including two significant issues affecting Safari. From the security update notes on Appleis Mac OS X Security page:
Safari
Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8
Impact: Specially crafted HTML can display a misleading URI the Safari status bar.
Description: Safari could be tricked into displaying a URI in its status bar that was not the same as the destination of a link. This update corrects Safari so that it now displays the URI that will be activated when selected.Safari
Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8
Impact: With multiple browser windows active Safari users could be mislead about which window activated a pop-up window.
Description: When multiple Safari windows are open, a carefully timed pop-up could mislead a user into thinking it was activated by a different site. In this update Safari now places a window that activates a pop-up in front of all other browser windows. Credit to Secunia Research for reporting this issue.
The other components updated are:
- Apache
- AppKit
- HIToolbox
- Kerberos
- Postfix
- PSNormalizer
- Terminal
You can find the update in your Software Update control panel in Mac OS X 10.3.6. You can also find more information and direct download links at Appleis Mac OS X Security page.
No Comments
Add your comment