Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Latest Safari update brings fixes for WebKit security flaws

Last updated

Apple on Tuesday issued new versions of its Safari Web browser for OS X with fixes for two WebKit vulnerabilities that could allow maliciously crafted code to run on a target Mac.

According to release notes supplied with Safari 8.0.4 for OS X 10.10 Yosemite, Safari 7.1.4 for OS X 10.9 Mavericks and Safari 6.2.4 for OS X 10.8 Mountain Lion, the updates are meant to improve app stability and Web browsing security.

The first fix addresses multiple memory corruption issues in WebKit that may lead to unexpected application termination or arbitrary code execution when visiting a maliciously crafted website. Apple improved memory handling to patch the problem.

A second issue pertained to a user interface inconsistency in Safari itself. Prior to today's fix, which includes improved UI consistency checks, attackers could misrepresent a webpage's URL to mask a phishing attack.

Users can download the latest Safari versions 8.0.4, 7.1.4 and 6.2.4 for free through Software Update.



11 Comments

magman1979 11 Years · 1301 comments

Awesome, already installing and rocking 8.0.4! Anyone know if this update also fixes the recently published issue of Safari remembering browsed sites whilst in Privacy mode?

lank 14 Years · 27 comments

Does not seem to. The "Date Modified" changes on the "WebpageIcons.db" when you open a window a New Private Window. I opened a couple different "Private Windows" and each time the "Date Modified" changed but the "Size" did not change. I don't know how to read the file so could not see what it modified.

benjamin frost 11 Years · 7198 comments

I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.

fastasleep 14 Years · 6451 comments

Quote:
Originally Posted by Benjamin Frost 

I do wish that Apple would bundle these updates in with Yosemite rather than dripping them out.


And I'd rather get important security updates right away rather than waiting for larger OS update bundles.

agramonte 13 Years · 345 comments

no idea why they still wasting time on this - nobody cares about Safari anymore.