This article originally appeared in TidBITS on 2016-04-04 at 2:33 a.m.
The permanent URL for this article is: http://tidbits.com/article/16396
Include images: Off

iBooks Author 2.4.1

by Agen G. N. Schmitz

Appleā€™s iBooks Author [1] has been updated to version 2.4.1 with just a single security patch. According to this Apple Support document [2], an XML external entity reference issue existed with iBook Author parsing that could lead to disclosure of user information if viewing a maliciously crafted iBooks Author file. However, this vulnerability has been patched with improved parsing. (Free from the Mac App Store [3], 419 MB, 10.10+)

[1]: http://www.apple.com/ibooks-author/
[2]: https://support.apple.com/en-us/HT206224
[3]: https://itunes.apple.com/us/app/ibooks-author/id490152466?mt=12&at=10l5PW&at=10l5PW