Your one-stop web resource providing safety and security information to manufacturers

Vulnerability fixes for the Safari browser are now within Apple’s latest Mavericks operating system (version 10.9.1).

Safari 7.0.1 released Monday, and the browser update addresses eight arbitrary code execution flaws, as well as a bug that could allow the disclosure of users’ credentials.

RELATED STORIES
Password Leakage in Safari
Google Fixes Chrome Hole
Security Fixes for Firefox 25
Browser Security Warnings Effective

Arbitrary code execution vulnerabilities could lead to “unexpected application termination” or to malicious code executed by an attacker if a user visits an infected website, the company revealed.

Google’s Chrome security team disclosed three of the code execution flaws to Apple.

Cyber Security

Exploit of the information disclosure bug in Safari (CVE-2013-5227) could end up leveraged through websites that utilize autofill, Apple said.

“Safari may have autofilled user names and passwords into a subframe from a different domain than the main frame,” Apple said of the bug. “This issue was addressed through improved origin tracking.”

Pin It on Pinterest

Share This