This article is more than 1 year old

Safari and Firefox updates plug critical holes

Drive-by download guard

Tuesday marked a busy day for alternative browser security updates with patches from both Apple and Mozilla.

An update to Apple's Safari browser resolves three vulnerabilities for Windows and two for OS X. One of the flaws is particular to Windows while the other two involve Safari's WebKit engine and affect both Mac and Win flavours of the browser.

All three of the vulnerabilities potentiality allow malicious code injection onto unpatched systems and therefore should be treated as high-priority, critical patches. Users are advised to update to Safari 5.0.2 and Safari 4.1.2 to guard against drive-by download attacks made possible by the flaws, as explained in an advisory from Apple here.

Mozilla also released an updated version of Firefox on Tuesday. Firefox version 3.6.9 resolves 14 vulnerabilities, 10 of which are critical, as explained here. Firefox shares a common codebase with Mozilla's Thunderbird email client and the SeaMonkey application suite, so both these packages also need updating to Thunderbird 3.1.3 and SeaMonkey 2.0.7, respectively. ®

More about

More about

More about

TIP US OFF

Send us news


Other stories you might like