In association with heise online

08 June 2010, 16:36

Apple's Safari updates address 48 security vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Safari Logo The latest updates to Apple's Safari WebKit-based browser, versions 5.0 and 4.1, include several new features, such as secure sand-boxed extensions, new HTML5 technologies and Safari Reader, and address a number of security vulnerabilities. In total, the Safari updates close 48 security holes, many of them rated as critical by Apple.

Version 4.1 of Safari closes 46 vulnerabilities, while Safari 5.0 corrects 45 issues. A majority of the vulnerabilities are related to problems caused by the browsers open source WebKit rendering engine, most of which could allow an attacker to crash a victims browser or execute arbitrary code on a user's system. Other issues could lead to a denial-of-service (DoS) condition, information disclosure or cross-site scripting (XSS) issues. The updates also close a previously reported zero-day exploit caused by an error in the way the browser deals with pop-ups.

All users are advised to upgrade to the latest release as soon as possible. Safari 5.0 is available to download for Mac OS X 10.5.8, 10.6 and Windows XP or later. Alternatively, Safari 4.1 provided for users running Mac OS X 10.4.11 Tiger.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit