Security Patches for Safari

Apple released a security update to Safari on March 17 which applied to versions of Safari running not only on Yosemite, but Mavericks and Mountain Lion as well. Apple did not release any details on the vulnerabilities being patched, other than to say that:

  • Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
  • A user interface inconsistency existed in Safari that allowed an attacker to misrepresent the URL. This issue was addressed through improved user interface consistency checks.

The memory corruption issues allowed a malicious web site to cause an unexpected application termination or the execution of malicious code, while the user interface inconsistencies opened a door to possible phishing attacks.

As always, the best practice is to keep up-to-date with security related patches.


See my other Security and OS X related articles


 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.