Apple has released Safari 13.1 for macOS 10.14 Mojave and 10.13 High Sierra, resolving a malicious IFRAME logic issue that could use another Web site’s download settings. The update also addresses a variety of WebKit-related problems, including a memory corruption bug that could allow arbitrary code execution after processing maliciously crafted Web content, a race condition that could enable an app to read restricted memory, and an input validation issue that could lead to a cross-site scripting attack. Safari 13.1 is available only via Software Update. (Free, 10.13.6 and 10.14.6)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 32 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.