About time, considering it’s over ten years old. Of course, this might just mean that Apple HASN’T fixed the one that allows a maliciously-crafted PDF to set your printer on fire but I hope this means that OS X is finally maturing as a secure platform.
This issue is addressed through improved tracking of origins. Visiting a malicious website may lead to files being sent from the user’s system to a remote server. Impact: Visiting a malicious website may lead to files being sent from the user’s system to a remote serverĭescription: A cross-origin issue existed in WebKit’s handling of windows. To Apple’s credit, I had a quick scan through the list of fixes, and there were no thigh-slappingly-hilarious ones. There’s normally a whole bunch of security fixes for things that you’d never believe could make it through quality assurance, such as “Entering a password with three letter A’s causes the user’s privileges to escalate” and “Guest users can use ‘cron’ to run malicious code after they’ve logged out”. Usually, looking at a list of security fixes in Mac OS X updates is like watching The Three Stooges: You laugh at all the buffoonery that’s happened.
