Apple has released Security Update 2010-003 (Snow Leopard) to address a critical vulnerability in the way Apple Type Services in Mac OS X 10.6 Snow Leopard parses embedded fonts. Users who view or download any documents containing maliciously crafted embedded fonts run a risk of arbitrary code execution. The update addresses this issue by improving index checking. This vulnerability was first demonstrated by Charlie Miller at the Pwn2Own conference 20 days ago, which shows a reasonably quick response on Apple's part. The update requires Mac OS X 10.6.3 and is available via Software Update and the Apple Support Downloads page. (Free, 6.5 MB)
Create Multiple Inspectors in iWork
Tired of flipping between panes in the Inspector in Keynote, Pages, and Numbers? You can open multiple copies of the Inspector window with View > New Inspector, but even better, you can Option-click one of the icons at the top of the Inspector window to open that pane in a new Inspector.
Security Update 2010-003 (Snow Leopard)
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Oliver Saunders, Dan Oren, Dave Devine, and Chuck
Pliske for their generous support!