Hi Apache Friends!
Project zero has recently announced some new attacks that have received a lot of attention: https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html.
The risk from these attacks resides in the systems in which your applications run, as opposed to the runtime itself. If an attacker manages to run malicious code on an unpatched OS, they may be able to access memory and or data that they should not have access to. We strongly recommend to update your system to use the latest fixes available for each OS.
XAMPP installers are not affected by these vulnerabilities. Only the new XAMPP VM for OS X that uses a Debian virtual machine.
Download it now!