Latest Safari update brings fixes for WebKit security flaws

Posted:
in Mac Software edited July 2015
Apple on Tuesday issued new versions of its Safari Web browser for OS X with fixes for two WebKit vulnerabilities that could allow maliciously crafted code to run on a target Mac.




According to release notes supplied with Safari 8.0.4 for OS X 10.10 Yosemite, Safari 7.1.4 for OS X 10.9 Mavericks and Safari 6.2.4 for OS X 10.8 Mountain Lion, the updates are meant to improve app stability and Web browsing security.

The first fix addresses multiple memory corruption issues in WebKit that may lead to unexpected application termination or arbitrary code execution when visiting a maliciously crafted website. Apple improved memory handling to patch the problem.

A second issue pertained to a user interface inconsistency in Safari itself. Prior to today's fix, which includes improved UI consistency checks, attackers could misrepresent a webpage's URL to mask a phishing attack.

Users can download the latest Safari versions 8.0.4, 7.1.4 and 6.2.4 for free through Software Update.

Comments

  • Reply 1 of 11
    magman1979magman1979 Posts: 1,006member
    Awesome, already installing and rocking 8.0.4!

    Anyone know if this update also fixes the recently published issue of Safari remembering browsed sites whilst in Privacy mode?
  • Reply 2 of 11
    lanklank Posts: 27member
    Does not seem to. The "Date Modified" changes on the "WebpageIcons.db" when you open a window a New Private Window. I opened a couple different "Private Windows" and each time the "Date Modified" changed but the "Size" did not change. I don't know how to read the file so could not see what it modified.
  • Reply 3 of 11
    I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.
  • Reply 4 of 11
    fastasleepfastasleep Posts: 1,212member
    Quote:

    Originally Posted by Benjamin Frost View Post



    I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.



    And I'd rather get important security updates right away rather than waiting for larger OS update bundles.

  • Reply 5 of 11
    agramonteagramonte Posts: 345member

    no idea why they still wasting time on this - nobody cares about Safari anymore. 

  • Reply 6 of 11
    wizard69wizard69 Posts: 12,354member
    You do realize that this is a security update and an important one at that.
    I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.
  • Reply 7 of 11
    wizard69wizard69 Posts: 12,354member
    safari is pretty good, I use it all the time when performance and battery power are important. In fact there is nothing on the market i'd trade it for.
    agramonte wrote: »
    no idea why they still wasting time on this - nobody cares about Safari anymore. 
  • Reply 8 of 11
    elijahgelijahg Posts: 557member
    agramonte wrote: »
    no idea why they still wasting time on this - nobody cares about Safari anymore. 

    Really.
  • Reply 9 of 11
    magman1979magman1979 Posts: 1,006member
    I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.

    Another batch of mindless drivel coming from your direction I see... By your logic, critical security issues would go unfixed for months between major OS X updates, bloody stupid.
    agramonte wrote: »
    no idea why they still wasting time on this - nobody cares about Safari anymore. 

    Nobody cares about your uninformed, trollish opinion. Safari is the best browser on OS X, period, especially when considered against battery and memory hogs Chrome and Firefox.
    elijahg wrote: »
    Really.

    He's just a troll, don't feed him any further.
  • Reply 10 of 11
    mpantonempantone Posts: 1,337member
    Quote:

    Originally Posted by Benjamin Frost View Post



    I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.



    If they are non-critical updates, yeah, I'd agree.

     

    However, this is a web browser security update and web browsers are probably the most vulnerable piece of software pre-installed on your computer.

     

    Only a complete fool would want to delay a browser security update for convenience.

  • Reply 11 of 11
    coolfactorcoolfactor Posts: 1,226member
    Quote:

    Originally Posted by Lank View Post



    Does not seem to. The "Date Modified" changes on the "WebpageIcons.db" when you open a window a New Private Window. I opened a couple different "Private Windows" and each time the "Date Modified" changed but the "Size" did not change. I don't know how to read the file so could not see what it modified.



    To read the file, just select it in Finder and then press the Spacebar to open up the Quick View window. There will be a lot of junk in there, but you can still see the URLs that are saved from each website.

Sign In or Register to comment.