Apple rolled out Java security updates for Mac OS X 10.4 and 10.5 late Monday afternoon. Java for Mac OS X 10.4 Update 9 and Java for Mac OS X 10.5 Update 4 patch a series of flaws that could let a remote attacker gain elevated privileges or execute arbitrary code on the victim's computer.
The security updates address issues in Mac OS X 10.4.11 and 10.5.7 where attackers could use untrusted Java applets to gain elevated privileges on a victim's computer, or where visiting a Web site containing a maliciously crafted Java applet could let an attacker run arbitrary code with the victim's current privileges.
The updates are free and available via the Software Update application, or as downloadable installers for Mac OS X 10.4.11 and 10.5.7 at the Apple Support Web site.