Apple issues critical Safari security updates
Apple has released two updates to address "multiple" vulnerabilities in its web browsing software
Apple has released a pair of software updates for its Safari web browser following the discovery of multiple vulnerabilities that could leave users at risk of remote attacks.
The Safari 6.1.4 and Safari 7.0.4 updates are applicable to users of OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.3.
According to an Apple Security advisory, those who fail to install the updates could leave their systems exposed to arbitrary code execution attacks, whereby an unauthorised third party could take control of the users’ machine.
“Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution,” Apple warned.
There is also a risk users could experience postmessage issues if the security flaws remain unaddressed.
“A malicious site [could] send messages to a connected frame or window in a way that might circumvent the receiver's origin check,” the site stated.
The updates are available to download now via Apple’s support site.
News of the Apple web browser vulnerabilities comes hot on the heels of yesterday’s report about Microsoft’s failure to patch a critical and long-standing flaw in an older version of its Internet Explorer software.
As reported by IT Pro, the flaw can be exploited when users of Internet Explorer 8 access malicious websites, and could allow hackers to take control of their devices.