This article originally appeared in TidBITS on 2016-04-04 at 2:33 a.m.
The permanent URL for this article is:
Include images: Off

iBooks Author 2.4.1

by Agen G. N. Schmitz

Appleā€™s iBooks Author [1] has been updated to version 2.4.1 with just a single security patch. According to this Apple Support document [2], an XML external entity reference issue existed with iBook Author parsing that could lead to disclosure of user information if viewing a maliciously crafted iBooks Author file. However, this vulnerability has been patched with improved parsing. (Free from the Mac App Store [3], 419 MB, 10.10+)