Hot on the heels of Apple’s critical QuickTime security fix comes their somewhat less critical Security Update 2007-009. This update contains a number of important fixes for both Tiger (10.4) and Leopard (10.5). There are 31 total fixes, 23 for Tiger and 18 for Leopard (many fixes apply to both).

A quick overview:

1. • The usual set of fixes to prevent maliciously crafted Web sites and documents from causing “unexpected application termination or arbitrary code execution.”
   

2. • A few fixes to prevent “disclosure of sensitive information.”
   

3. • Various printing fixes, to acronyms such as CUPS, IPP and SNMP.
   

4. • Updates to many third-party components, including Flash Player (probably the most important fix), ruby, Samba (SMB), Shockwave Player, tcpdump and PCRE.
   

5. • An important update to Mail (for Leopard only) that re-fixed a bug previously fixed on Tiger to prevent a potentially malicious attachment from being run without warning.
   

6. • A fix to the Software Update mechanism itself to prevent a theoretical “man-in-the-middle” attack.
   

As usual, you might want to wait a day or two to make sure there are no serious problems, and then go ahead and install the update.