The host is missing a critical security update according to Apple advisory, APPLE-SA-2017-05-15-2. The update is required to fix an arbitrary code execution vulnerability. The flaws are present in the application, which fails to properly handle crafted web content. Successful exploitation allows attackers to disclose user information.