This article is more than 1 year old
Let's get patchin' now, everybody's watchin' how, baby fix Safari with me
Come on Apple, patch up your browser….
Apple has pushed out an largish update for security flaws in its Safari browser.
The Cupertino giant said that the Safari 8.0.4, 7.1.4 and 6.2.4 patch would address 17 CVE-listed vulnerabilities in the browser.
The collective update, which patches the newest version of Safari along with older copies on legacy OS X versions, addresses a number of memory corruption flaws in the WebKit browser, including vulnerabilities that would allow remote code execution.
The patch also addresses a flaw that would allow phishing attacks to go undetected.
Cook & Co is advising users to install the fix, though more most the update will be installed automatically through the Apple Software Update utility. Users should be sure that their copy of Safari is the latest build - version 8.0.4, 7.1.4 or 6.2.4 - to prevent attacks.
Not mentioned in the update was a fix for the ongoing private browsing vulnerability plaguing Safari. That flaw is leaving some users vulnerable to the disclosure of sites visited in private browsing sessions.
Apple's latest fix arrives just over a week from Microsoft's last scheduled update. That fix brought Windows users a host of patches for vulnerabilities in Internet Explorer, including remote code execution flaws.
Adobe has also followed suit in releasing an update for security holes in its Flash plug-in.
Cupertino credited its own researchers as well as Google Chrome Security Team members in reporting the vulnerabilities. No other researchers were credited. ®
Biting the hand that feeds IT
