Apple patches steaming heap of Safari bugs
Fixes record number of security vulns, adds speed
By the way, don't bother checking the web page to which Apple sends you for details on Safari 5.1.4's security update – at least not yet. As is Apple's tradition, they're late on providing that info, and the page had yet to be updated by 10:00am Pacific Time on Monday. Check that first link in our previous paragraph, instead.
The vast majority of the patches – 72 – are for vulnerabilities in WebKit, including some that could, in Apple's standard wording, result in the dreaded "arbitrary code execution". Another vuln, now fixed, allowed cookies to be set even when Safari was set to block them.
Other niceties are also delived in Safari 5.1.4. For example, links in downloaded PDFs are now preserved, a bug that caused screen dimming when watching HTML5 movies has been fixed, and cookies that are set during regular browsing sessions are now available during Private Browsing sessions – meaning that any cookies you set when you were in the open will work when you're hiding, but you still won't set any when you're private.
The update is for Safari running on OS X Lion 10.7.3 and Snow Leapord 10.6.8, and Windows XP SP2, Vista, or Windows 7. You can find it in all the usual places: the Apple menu's Software Update or download page, and Windows users running Safari will be notified by the Apple Software Update utility. ®
- Apple M1
- App stores
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Tim Cook
- Trusted Platform Module
- Zero Day Initiative
- Zero trust