September 24, 2016

Security Updates for Safari

Apple has released versions 5.0.3 and 4.1.3 of its Internet browser Safari. The updates address several security vulnerabilities in the WebKit-based browser. The Safari updates fix more than 25 security holes in the browser’s open source WebKit rendering engine, most of them rated as critical.

Safari 5.0.3 & Safari 5.0.3 Windows update highlights:

  • More accurate Top Hit results in the Address Field
  • More accurate results in Top Sites
  • Fixes an issue that could cause content delivered with the Flash 10.1 plug-in to overlap web page content
  • More reliable pop-up blocking
  • Fixes an issue that affected playback of some videos shot or edited to include rotations and flips
  • Improved stability when typing into search and text input fields on www.netflix.com and www.facebook.com
  • Improved stability when using JavaScript-intensive extensions
  • Improved stability when using VoiceOver with Safari
[ad code=6 align=left]

For detailed information on the security content of this update, please visit this site:http://support.apple.com/kb/HT1222

Safari 5.0.3 is available to download for Mac OS X 10.5.8 Leopard, 10.6.2 Snow Leopard and Windows XP SP2 or later. Alternatively, Safari 4.1.3 is provided for users running Mac OS X 10.4.11 Tiger. Mac OS X users can upgrade to the latest release via the built-in Software Update function. All users are advised to upgrade to the latest release as soon as possible.

Kernel-level Vulnerability in All versions of the Microsoft Windows

According to TheRegister.co.uk, researchers have identified a kernel-level vulnerability in Windows. This vulnerability allows attackers to gain escalated privileges and may also allow them to remotely execute malicious code. All versions of the Microsoft OS are affected, including Windows 7.

The buffer overflow, which was originally reported, can be exploited to escalate privileges or crash vulnerable machines, IT research company Vupen said. The flaw may also allow attackers to execute arbitrary code with kernel privileges.

Read more about this vulnerability here.