Apple has released Safari 7.0.4 for users of OS X 10.9 Mavericks and Safari 6.1.4 for users of 10.8 Mountain Lion and 10.7 Lion, both of which fix multiple critical vulnerabilities associated with WebKit. According to the security note for these updates, both versions of Safari fix a swath of memory corruption issues within the rendering engine that could lead to arbitrary code execution after visiting a maliciously crafted Web site. They also deal with a problem with handling Unicode characters in URLs that could enable a maliciously crafted URL to send out an incorrect postMessage origin. Both updates are available only through Software Update. (Free, 10.9+/10.7–10.8)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.