Home » Mac, Security

Safari 7.0.4, Safari 6.1.4 Updates Address Security Issues

22 May 2014 87 views No Comment

As updates go, this one just barely qualifies. Huh? Apple shipped Safari 7.0.4 (9537.76.2) with OS X 10.9.3 last week and Safari 7.0.4 (9537.76.4) just now…

As app updates go, this one just barely qualifies. That is, Apple shipped Safari 7.0.4 (9537.76.2) with OS X 10.9.3 last week and just delivered Safari 7.0.4 (9537.76.4). What’s new? Patches for a couple security issues.

Here’s an edited, for brevity, version of the security issues these Safari updates patch.

Safari 6.1.4 and Safari 7.0.4

• WebKit

— Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3

— Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

— Description: Multiple memory corruption issues [Ed – 22 to be precise] existed in WebKit. These issues were addressed through improved memory handling.

• WebKit

— Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3

— Impact: A malicious site can send messages to a connected frame or window in a way that might circumvent the receiver’s origin check

— Description: An encoding issue existed in the handling of unicode characters in URLs. A maliciously crafted URL could have led to sending an incorrect postMessage origin. This issue was addressed through improved encoding/decoding.

Safari 7.0.4 and Safari 6.1.4 are available via Software Update within the Mac App Store app.

Via: MacRumors, Source: Apple Knowledge Base

Related Posts:
iTunes 11.2.1 Fixes OS X 10.9.3 Missing Users Folder Issue
Refurbished Mac: MacBook Air, $599; iMac, $1,049
What’s New in OS X 10.9.3, iTunes 11.2
Flextronics Austin Adding Jobs
Apple Is PC Unit Volume King [Again]

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.