Apple Patches Dozens Of Safari Security Flaws
Apple has patched 58 security flaws in its web browser and introduced a handful of new security features
Apple has patched 58 security flaws in its Safari web-browser and the open source WebKit browser engine this week.
The flaws affect Windows 7, Vista, XP SP2 or later and Mac OS platforms and it is recommended all users update to Safari 5.1.
The vulnerabilities could allow invaders to execute arbitrary code, perform cross-site scripting attacks or disclose sensitive information, the US Computer EmergencyRreadiness Team (CERT) said on its site.
The flaws also involve buffer and integer overflows and multiple memory corruption issues, according to Apple.
Potentially devastating arbitrary code attacks could be executed just by visiting maliciously crafted websites or TIFF downloads.
A busy week for Apple
As well as responding to the holes in Safari. Apple has also introduced several new security features including a ‘Privacy Pane’ setting which allows for managing and deleting cookies, sandboxing of web content and apps and private autofill of web forums.
The update comes hot on the heels of Apple’s latest Mac OS, codenamed Lion, and record-breaking financials for the last quarter. The Safari 5.1 update is included in Lion.
The perception of Mac OS X’s relative immunity to malware has been exposed as a fallacy in recent months as fake AV and malware has surfaced to take advantage of Apple products’ growing popularity.