Latest Safari update brings fixes for WebKit security flaws
Apple on Tuesday issued new versions of its Safari Web browser for OS X with fixes for two WebKit vulnerabilities that could allow maliciously crafted code to run on a target Mac.
According to release notes supplied with Safari 8.0.4 for OS X 10.10 Yosemite, Safari 7.1.4 for OS X 10.9 Mavericks and Safari 6.2.4 for OS X 10.8 Mountain Lion, the updates are meant to improve app stability and Web browsing security.
The first fix addresses multiple memory corruption issues in WebKit that may lead to unexpected application termination or arbitrary code execution when visiting a maliciously crafted website. Apple improved memory handling to patch the problem.
A second issue pertained to a user interface inconsistency in Safari itself. Prior to today's fix, which includes improved UI consistency checks, attackers could misrepresent a webpage's URL to mask a phishing attack.
Users can download the latest Safari versions 8.0.4, 7.1.4 and 6.2.4 for free through Software Update.
According to release notes supplied with Safari 8.0.4 for OS X 10.10 Yosemite, Safari 7.1.4 for OS X 10.9 Mavericks and Safari 6.2.4 for OS X 10.8 Mountain Lion, the updates are meant to improve app stability and Web browsing security.
The first fix addresses multiple memory corruption issues in WebKit that may lead to unexpected application termination or arbitrary code execution when visiting a maliciously crafted website. Apple improved memory handling to patch the problem.
A second issue pertained to a user interface inconsistency in Safari itself. Prior to today's fix, which includes improved UI consistency checks, attackers could misrepresent a webpage's URL to mask a phishing attack.
Users can download the latest Safari versions 8.0.4, 7.1.4 and 6.2.4 for free through Software Update.
Comments
Anyone know if this update also fixes the recently published issue of Safari remembering browsed sites whilst in Privacy mode?
I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.
And I'd rather get important security updates right away rather than waiting for larger OS update bundles.
no idea why they still wasting time on this - nobody cares about Safari anymore.
Really.
Another batch of mindless drivel coming from your direction I see... By your logic, critical security issues would go unfixed for months between major OS X updates, bloody stupid.
Nobody cares about your uninformed, trollish opinion. Safari is the best browser on OS X, period, especially when considered against battery and memory hogs Chrome and Firefox.
He's just a troll, don't feed him any further.
I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.
If they are non-critical updates, yeah, I'd agree.
However, this is a web browser security update and web browsers are probably the most vulnerable piece of software pre-installed on your computer.
Only a complete fool would want to delay a browser security update for convenience.
Does not seem to. The "Date Modified" changes on the "WebpageIcons.db" when you open a window a New Private Window. I opened a couple different "Private Windows" and each time the "Date Modified" changed but the "Size" did not change. I don't know how to read the file so could not see what it modified.
To read the file, just select it in Finder and then press the Spacebar to open up the Quick View window. There will be a lot of junk in there, but you can still see the URLs that are saved from each website.