58 Safari Bugs Patched To Prevent Drive By Attacks

By | July 21, 2011


58 Safari Bugs Patched To Prevent Drive By AttacksApple updated Safari to version 5.1 yesterday, patching 58 security vulnerabilities and beefing up the browser with several new features, including sandboxing on Mac OS X 10.7.

Safari 5.1 is bundled with Lion, the operating system Apple released earlier yesterday. Good news is that it also runs on Mac OS X 10.6 i.e. Snow Leopard. A separate Safari update to version 5.0.6 was also issued today for users running Mac OS X 10.5, or Leopard.

58 flaws in Safari were patched with this update with one of them specific to the Mac version, 14 that affected only the Windows edition, and 44 that impacted both platforms. 47 of the 58 were associated with Apple’s “arbitrary code execution” phrasing, meaning that the company considered them critical.

The vast majority of the bugs patched today – 43 of the 58 – were in WebKit, the open source browser engine that powers Safari and also Google Chrome.

Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. – The security advisory that accompanied the Safari 5.1 update

Apple’s description indicates that the vulnerabilities could be exploited through drive by attacks that only require cyber criminals to trick victims into visiting a malware serving URL.

Regarding new features, Reading List is one of them, and is inspired by the third party program Instapaper. What it does is eliminate Web ads on content marked for later viewing, so that certainly comes in handy.

Safari 5.1 also supports some features exclusive to Lion, ranging from the operating system’s multi touch support and full screen view to automatic resume and sandboxing.

If a website contains malicious code intended to capture personal data or take control of your computer, sandboxing automatically blocks it to keep your computer and your information safe. – Apple on its Safari 5.1 website today.


About (Author Profile)


Being passionate about software, Armin joined FavBrowser.com in early 2011 and has been actively writing ever since. Having accepted the challenge, he also enjoys watching anime, indulging in good books, staying fit and healthy, and trying new things.

Comments (8)

Trackback URL | Comments RSS Feed

  1. @ Armin, should have titled: Safari 5.1 *something* :P

  2. IE & Opera FanBoy says:

    Wow!! thats great!

  3. toenailsin says:

    limit yourself to news worthy browsers. =D

    • Sarjoor says:

      Safari is a newsworthy browser.  Safari is what made WebKit rendering engine famous, is the 4th most used browser worldwide, has 7% worldwide market share, was the first to pass Acid3 100/100, has very fast webpage rendering and Javascript, and now has separate processes for security and performance enhancements.

      What’s not newsworthy about that?

  4. Shane Bundy says:

    But it still carries an outdated version of WebKit.

  5. Asknobody says:

    So it’s vulnerable as Safari on iPhone? Apple never cared about high quality, secure coding