Apple fixes seven Safari security flaws

Apple rolls out security updates to address seven vulnerabilities in its web browser

Safari

Apple has released a security update to fix seven vulnerabilities found in Safari's Webkit framework.

The update can be found on the Apple support page now for OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.4. It applies to Safari 6.1.6 and Safari 7.0.6.

According to Apple, several memory corruption issues were present in Webkit that have been addressed with improved memory handling.

The US-based company said: "Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution."

The global tech giant refused to comment on whether hackers have exploited the vulnerabilities. It said: "For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.

Even so, the United States Computer Emergency Readiness Team (US-CERT) is urging IT managers to install the updates as a matter of urgency. 

"Users and administrators are encouraged to review Apple security update... and apply the necessary updates," its advisory states. 

Problems with Webkit are not uncommon. It is the open source framework behind Safari, Google Chrome and other OS X applications such as Mail.

While Google Chrome frequently reports vulnerabilities in Webkit, Apple had to release a variety of browser patches in July that also covered problems with the framework.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Apple doubles down in the US with $430 billion investment
business intelligence (BI)

Apple doubles down in the US with $430 billion investment

27 Apr 2021
Data breaches increase by a third as staff continue to work from home
cyber security

Data breaches increase by a third as staff continue to work from home

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021
Cisco to acquire threat intelligence provider Kenna Security
Acquisition

Cisco to acquire threat intelligence provider Kenna Security

14 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021