To Customer Support To Customer Support

Apple issues critical Safari security updates

Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Apple has released two updates to address "multiple" vulnerabilities in its web browsing software

Apple has released a pair of software updates for its Safari web browser following the discovery of multiple vulnerabilities that could leave users at risk of remote attacks.
The Safari 6.1.4 and Safari 7.0.4 updates are applicable to users of OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.3.
According to an Apple Security advisory, those who fail to install the updates could leave their systems exposed to arbitrary code execution attacks, whereby an unauthorised third party could take control of the users’ machine.
 
Full Article

5 replies

Ssherjj
Rank
Userlevel 7
Badge +62
Great to know about this Safari update...all I can say is Thank you! I'm running Mavericks OS X 10.9.3 and will be on top of that update for sure! 😉
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
May 25th, 2014, 10:35 GMT · By Filip Truta
 
Apple this week rolled out two Safari updates for several versions of OS X addressing around two dozen WebKit flaws that Sophos deems as highly important. According to the company’s security evangelist Paul Ducklin, Safari 7.0.4 and Safari 6.1.4 are must-install updates.

Security advisor Paul Ducklin writes on the Sophos Naked Security blog that Apple’s Safari 7.0.4 update closes a total of 22 vulnerabilities, “including 21 listed under ‘arbitrary code execution.’”

Noting that Apple has increased the frequency of Safari patches, Ducklin says “There are 22 CVE-numbered security holes patched, 21 of which are annotated by Apple with the words: ‘Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.’”

In a support document that talks of these updates at length - About the security content of Safari 6.1.4 and Safari 7.0.4 - Apple outlines that said updates target OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3. The Mac maker’s disclosure reveals that, “Multiple memory corruption issues existed in WebKit.”
 
Full Article
Ssherjj
Rank
Userlevel 7
Badge +62
Seems like Apple Products are vulnerable after all. Remember....Macs are secure and don't get viruses...updates automatically , the best computers around no worries..seems to me I've never believed in those remarks..here say ...or Apple is getting penetrated like the PCs more then ever now and what's sad is a lot of people will never know these vulnerabilities unless it's on the TV channel News Report! Ugh!
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
R
Rank
Userlevel 7
The following is a update on Safari,osx fixes
 
 
 "Quote" / Apple ships security fixes for iOS, OS X, Safari ... basically EVERYTHING
 
 
By/ By Neil McAllister, 30 Jun 2014
 
 
Apple on Monday shipped new versions of its operating systems, its web browser, and Apple TV firmware – with each update a minor release aimed at fixing bugs and closing security vulnerabilities.
 
The latest release of OS X Mavericks, version 10.9.4, addresses a total of 19 vulnerabilities in a variety of OS subsystems, ranging from graphics and Thunderbolt drivers to the Dock.
 
http://pubads.g.doubleclick.net/gampad/ad?iu=/6978/reg_security/front&sz=300x250%7C300x600&tile=3&c=33U7H5nawQrMkAAG0Vl2IAAAMy&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0 
It also claims to speed up waking from sleep, and to fix one issue where Macs wouldn't connect to known Wi-Fi networks, and another where the Apple logo didn't appear onscreen properly during boot-up.
 
The Register/ Full Read Here/ http://www.theregister.co.uk/2014/06/30/apple_june_30_patches/
 
 
 
R
Rank
Userlevel 7
The following is a update on Safari patches
(Apple Patches Multiple Vulnerabilities in Safari Web Browser)
By Eduard Kovacs on August 14, 2014
 
Safari 6.1.6 and Safari 7.0.6, the latest versions of Apple's Web browser, come with fixes for several security vulnerabilities, some of which could be exploited to remotely execute arbitrary code.
 
Apple hasn't provided specific details on the vulnerabilities, but the advisory published by the company reveals that they are memory corruption issues affecting WebKit, the open source rendering engine that powers the Web browser.
 
"Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution," Apple noted in its advisory.
The flaws have been assigned the following CVE identifiers: CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389 and CVE-2014-1390. The issues were discovered by Apple, the Google Chrome Security Team and an anonymous researcher
 
SecurityWeek/ Full Article Here/ http://www.securityweek.com/apple-patches-multiple-vulnerabilities-safari-web-browser

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.