This article originally appeared in TidBITS on 2014-05-22 at 10:32 a.m.
The permanent URL for this article is:
Include images: Off

Safari 7.0.4 and 6.1.4

by Agen G. N. Schmitz

Apple has released Safari 7.0.4 for users of OS X 10.9 Mavericks and Safari 6.1.4 for users of 10.8 Mountain Lion and 10.7 Lion, both of which fix multiple critical vulnerabilities associated with WebKit. According to the security note [1] for these updates, both versions of Safari fix a swath of memory corruption issues within the rendering engine that could lead to arbitrary code execution after visiting a maliciously crafted Web site. They also deal with a problem with handling Unicode characters in URLs that could enable a maliciously crafted URL to send out an incorrect postMessage origin. Both updates are available only through Software Update. (Free, 10.9+/10.7–10.8)