NOW READ THIS
("Security Advisory")

Go Back

---

Submitted by: Bill Hickey
NCVA List Master

NRT-0221 Apple Releases Second SAFARI Patch:

Apple issued security updates to patch four vulnerabilities in Mac OS/X and the SAFARI Beta, marking the second time in eight days that the company has had to fix its newest browser, which runs on both Mac and Windows XP, and VISTA machines. The 2007-2006 update for Mac OS/X 10.3, "Panther" and 10.4 "Tiger," fixes a pair of problems in SAFARI - the production -quality versions bundled with the operating system - including a memory corruption vulnerability that could end with an attacker in control of the Mac. "Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution," Apple said in its alert. Mac SAFARI 3.0.2 patches another XSS bug, while the Windows edition fixes that, plus a separate vulnerability that could let an attacker disguise the browser's address bar, perhaps as part of a spoofed site meant to trick users into divulging confidential information, such as bank account passwords. Windows users can update SAFARI to 3.0.2 by downloading the new version from Apple's site, or by running the optional Apple Software Update Utility.

(Computerworld 22JUN07)

Last Modified: Saturday, 21-Jul-2007 10:34:12 EDT