Security Update 2009-001
「Safari に脆弱性」という記事を書きましたが、ようやく、この問題に対処した Security Update がリリースされています。
CVE-ID: CVE-2009-0137
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.6, Mac OS X Server v10.5.6
Impact: Accessing a maliciously crafted feed: URL may lead to arbitrary code execution
Description: Multiple input validation issues exist in Safari's handling of feed: URLs. The issues allow execution of arbitrary JavaScript in the local security zone. This update addresses the issues through improved handling of embedded JavaScript within feed: URLs. Credit to Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook for reporting these issues.
About the security content of Security Update 2009-001 - Apple Support
また、
もリリースされていますので、ぜひ、アップデートを。