As I write, Apple has released four different bulletins to cover 48 documented vulnerabilities in the Mac OS X ecosystem, a solitary code execution flaw affecting Safari for Windows and four different security problems in Java for Mac OS X.
Security Update 2009-001 is quite a whopper, providing patches for holes in a wide range of components, including several open-source implementations like ClamAV and fetchmail.
This is a high-priority update for all Mac OS X users so don't fool around when you see that Software Update alert. All the raw details can be found in this advisory.
If you're a Windows user and Safari is installed on your machine, pay special attention to this alert, which warns of code execution exposure on Windows XP and Windows Vista.
Apple also shipped a Java for Mac update with fixes for 4 more security problems:
- Multiple vulnerabilities exist in Java Web Start and the Java Plug-in, the most serious of which may allow untrusted Java Web Start applications and untrusted Java applets to obtain elevated privileges. Visiting a web page containing a maliciously crafted Java applet may lead to arbitrary code execution with the privileges of the current user.