updated 05:00 pm EDT, Thu September 3, 2009
Several Java threats addressed via security update
Apple has released a Java update for Mac OS X 10.5.8 that addresses a wide range of security vulnerabilities. The most serious issue allowed untrusted Java applets to obtain elevated privileges after users visit a web page containing maliciously crafted code. The problem has been addressed for systems running Mac OS X 10.5.8 or 10.5.8 Server.
The update also addresses a vulnerability relating to maliciously crafted Java Web Start applications. The issue has been fixed through improvements to bounds checking.
Java for Mac OS X Update 5 can be downloaded through Apple's Support page or via Software Update. The files are contained in a 161MB package.