Safari 8.0.6, 7.1.6 si 6.2.6 au fost lansate

De către
Adrian Gabor
-

Safari iconitaSafari 8.0.6, 7.1.6 si 6.2.6 au fost lansate au fost lansate de catre compania Apple in cursul noptii trecute pentru posesorii de Mac-uri din lumea intreaga, actualizarile avand rolul de a rezolva unele probleme de securitate ale browserului nativ al sistemului de operare OS X. OS X Yosemite, Mavericks si Mountain Lion sunt versiunile sistemului de operare afectate si pentru care actualizarile sunt disponibile pentru utilizatori, asa ca in alte versiuni nu le veti putea gasi deocamdata.

Utilizatorii sistemelor de operare OS X Yosemite, Mavericks, and Mountain Lion ofera posibilitatea de a instala actualizarile prin sistemul Software Update, astfel ca veti putea beneficia imediat de imbunatatirile oferite de catre Apple pentru voi.

Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6

  • WebKitAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.

    CVE-ID

    CVE-2015-1152 : Apple

    CVE-2015-1153 : Apple

    CVE-2015-1154 : Apple

  • WebKit HistoryAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impact: Visiting a maliciously crafted website may compromise user information on the filesystem

    Description: A state management issue existed in Safari that allowed unprivileged origins to access contents on the filesystem. This issue was addressed through improved state management.

    CVE-ID

    CVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP’s Zero Day Initiative

  • WebKit Page LoadingAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing

    Description: An issue existed in the handling of the rel attribute in anchor elements. Target objects could get unauthorized access to link objects. This issue was addressed through improved link type adherence.

    CVE-ID

    CVE-2015-1156 : Zachary Durber of Moodle

ARTICOLE SIMILAREDE LA ACELAȘI AUTOR