Just two days after rolling out the Mac OS X Lion, Apple released a massive security update for its web browser Safari to fix more than 50 security vulnerabilities.
The update patched a total of 57 security flaws that affect Windows 7, Vista, XP SP2 and Mac OS X versions of Safari. Forty-six flaws could lead to remote code execution; one to mismanagement of SSL certificates, three to the spoofing of addresses, three to cross-site scripting and four flaws could lead to information disclosure.
Commenting on the massive patch, Andrew Storms from nCircle said, “The shreer number of vulnerabilities being patched in Safari is mind boggling.”
Apple also published an advisory, asking users to update to the new Safari 5.1 web browser, which has a Privacy Pane that allows users to manage data such as Flash cookies.
In addition, Safari 5.1 web browser supports sandboxing in OS X Lion, a feature which quarantines sites to stop those which attempts to access a user's system.
Earlier on Wednesday, the Cupertino-based firm rolled out OS X Lion, which brought a range of new improvements, like AirDrop, and security features, such as full address space layout randomisation (ASLR) that arranges key data areas randomly, making it harder for malware to know where in memory to install.
Related News
- Microsoft’s June ‘Patch Tuesday’ fixes 34 vulnerabilities
- Apple adds do-not-track tool to upcoming Mac OS X 10.7 Lion
- Apple’s new Safari 5 Web browser includes Safari Reader
- Apple irons out Safari 5’s performance issue; rolls out Safari 5.0.1
- Microsoft not to patch IE before Pwn2Own hacking contest
- Google fixes 11 Chrome vulnerabilities; awards researchers for reporting the bugs
- Apple working to fix security flaws in iOS
