Safari update cages numerous security bugs
Code inject and info flaws fixed
Posted in Enterprise Security, 12th March 2010 16:11 GMT
Free whitepaper – Assuring application service quality
Apple published an update of its Safari browser on Thursday that plugs 16 security vulnerabilities.
Safari 4.0.5, available for Mac OS X and Windows, fixes a slew of critical code injection and information disclosure bugs. Unpatched Windows boxes running Safari are more exposed than their Mac counterparts by flaws that mean surfers who stray onto malicious sites might be exposed to drive-by malware-style attacks. Several critical bugs in the WebKit engine powering Safari mean that all flavours of the browser need a re-tune.
Vulnerable Safari components include ColorSync, ImageIO and the WebKit engine, as explained in Apple's advisory here. ®

The Register Webcast - Desktop Support : The Hub of IT
The Register Guide to managing spam
The Register Green Computing Report
Secure Mobile Working
Risk and Resilience
