Apple releases Safari update to close seven holes

Sixth update of the year.

Apple has delivered an update to its Safari web browser.

Version 4.0.4 addresses seven vulnerabilities, including three in the WebKit, an engine that allows web browsers to render on web pages.

One of those WebKit flaws could be exploited if an attacker is able to access a maliciously-crafted FTP server to cause arbitrary code execution. Meanwhile, another WebKit vulnerability can result in cross-site request forgery if a user visits a maliciously-crafted web site.

The Safari update, which follows a major Mac OS X patch batch released earlier this week, also fixes a vulnerability in ColorSync, a graphics utility, that could permit code injection if a user views a malicious image with an embedded color profile.

The browser upgrade affects both Windows and Mac users. This is the sixth time Safari has been updated this year.

See original article on scmagazineus.com

In Pictures: iTnews Executive Retreat - Security leaders edition

US arrests Super Micro co-founder for allegedly smuggling GPUs into China

Gov to explore "future connectivity between identity exchanges"

OpenAI to buy Python toolmaker Astral

Hacker says they compromised millions of confidential police tips

Apple releases Safari update to close seven holes

Sixth update of the year.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

CBA builds two AI agents to boost cyber defences

CBA chief impersonated in global investment fraud on Facebook

Researchers uncover 'Darksword' iPhone spyware

US medical device maker Stryker's Microsoft environment attacked

Most popular tech stories

NAB readies to scale AI-based customer interaction

Griffith University takes control of its student recruitment

RACV sets data foundations to underpin AI in customer channels

ABC drops Salesforce for Braze

Craveable Brands has one eye on AI, and the other on the project failure rate

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

'Touch-free' smartphone controlled with head movements

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

In Pictures: iTnews Executive Retreat - Security leaders edition

US arrests Super Micro co-founder for allegedly smuggling GPUs into China

Gov to explore "future connectivity between identity exchanges"

OpenAI to buy Python toolmaker Astral

Hacker says they compromised millions of confidential police tips

Apple releases Safari update to close seven holes

Sixth update of the year.

Add iTnews as your trusted source

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

CBA builds two AI agents to boost cyber defences

CBA chief impersonated in global investment fraud on Facebook

Researchers uncover 'Darksword' iPhone spyware

US medical device maker Stryker's Microsoft environment attacked

Most popular tech stories

NAB readies to scale AI-based customer interaction

Griffith University takes control of its student recruitment

RACV sets data foundations to underpin AI in customer channels

ABC drops Salesforce for Braze

Craveable Brands has one eye on AI, and the other on the project failure rate

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

'Touch-free' smartphone controlled with head movements

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

Log In