U.S. CERT Recommends Apple Users Install Latest Safari Security Update Immediately
The United States Computer Emergency Response Readiness Team (US-CERT) has taken interest in a pair of security updates Apple released for its Safari web browser. These include Safari 6.1.4 and Safari 7.0.4, which are available to download now for OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.3.
"Apple has released updates for Safari to address multiple vulnerabilities, some of which could allow a remote attacker to execute arbitrary code or cause a denial of service," US-CERT said in a statement.
Apple didn't touch on the DoS claim, though the company did say that visiting a maliciously crafted website could lead to an unexpected application termination or arbitrary code execution prior to installing the patch(es). In addition, Apple said multiple memory corruption issues existed in WebKit, which it addressed through improved memory handling.
You can download the patches using Software Update or from the Apple Support website. Those of you clinging to Safari in Windows are out of luck -- Apple stopped supporting Safari for Windows a long time ago.
"Apple has released updates for Safari to address multiple vulnerabilities, some of which could allow a remote attacker to execute arbitrary code or cause a denial of service," US-CERT said in a statement.
Apple didn't touch on the DoS claim, though the company did say that visiting a maliciously crafted website could lead to an unexpected application termination or arbitrary code execution prior to installing the patch(es). In addition, Apple said multiple memory corruption issues existed in WebKit, which it addressed through improved memory handling.
You can download the patches using Software Update or from the Apple Support website. Those of you clinging to Safari in Windows are out of luck -- Apple stopped supporting Safari for Windows a long time ago.
