< Blog Home

OS X Leopard security update 2007-009

Apple just released a security update for OS X Leopard 10.5.1. It is recommended for all users and fixes the following:

Core Foundation
CUPS
Flash Player Plug-in
Launch Services
perl
python
Quick Look
ruby
Safari
Samba
Shockwave Plug-in
Spin Tracer

With regards to installing on a production machine, it's kind of a fine line. On the one hand, you don't want to break anything but on the other, hackers often reverse-engineer a patch in order to find out what the original security issues were. They then target unpatched machines.

Obviously this is significantly less of an issue with OS X than it is with Windows but I would say that generally speaking, there is no harm in installing security updates on a production machine, but it's probably best to give it a day or two first and keep an eye on Apple's Leopard support forum to see if anyone else had any issues.

Update:
Didn't realize Apple posted one for Tiger at the same time too. It fixes:

Address Book
ColorSync
Core Foundation
CUPS
Desktop Services
Flash Player Plug-in
gnutar
iChat
IO Storage Family
Launch Services
Mail
perl
python
ruby
Safari
Safari RSS
Samba
Shockwave Plug-in
SMB
Spotlight
tcpdump
XQuery