Added on 10 Jul 2009(687 Views)
Cupertino-based software developer Apple has rolled out an update for its web browser, Safari 4.0.2. This update is meant to improve the stability of the Nitro JavaScript engine according to Apple, and it is also meant to address a couple of security holes in the software. You are very well advised to update your Safari browser – you can do so via Software Update, or by manually downloading Safari 4.0.2 (download location at the bottom of the article).As a little reminder, Apple rolled out Safari 4.0.1 less than a month ago. The update was meant to fix some compatibility issues between Safari and iPhone 09. Compared to the previous update, version 4.0.2 comes with a bit more grunt: it makes the Nitro JavaScript engine a bit more stable and fixes two vulnerabilities that might put your online security at risk – one may allow cross-site scripting attacks and the other might allow arbitrary code execution.
Here is a more detailed look at the security issues the Safari 4.0.2 update addresses:
CVE-ID: CVE-2009-1724
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista
Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack
Description: An issue in WebKit's handling of the parent and top objects may result in a cross-site scripting attack when visiting a maliciously crafted website. This update addresses the issue through improved handling of parent and top objects.
CVE-ID: CVE-2009-1725
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Windows XP or Vista
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in WebKit's handling of numeric character references. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of numeric character references. Credit to Chris Evans for reporting this issue.
If you would like to get Safari 4.0.2, you can download it straight from Apple here.
Don't forget to:
RSSTags: Apple, Safari 4.0.2, Update, Security
Link to this article:
Comments
w5g45bysr - 13 Jul 2009 07:14
good
nata - 11 Jul 2009 08:01
good luck, you has upatate safari
nata - 11 Jul 2009 08:01
good luck, you has upatate safari
Add comment:
Software News
Fun Friday Feature: Cry Translator iPhone App
I remember that some obscure school teacher once told me that speech separates man from beast. Now I always found that reasoning to be somewhat flawed. What about parrots? They can speak – sort of. Or...
I remember that some obscure school teacher once told me that speech separates man from beast. Now I always found that reasoning to be somewhat flawed. What about parrots? They can speak – sort of. Or...
06 Nov 2009
Chrome 3.0 and 4.0 Updated on the Stable and Dev Channel
The guys over at Google are keeping as busy, of not more so, as the guys over at Mozilla. While the Mozilla Foundation has recently released Firefox 3.6 Beta 1 and Firefox 3.5.5, Mountain View-based search engine giant Google ...
The guys over at Google are keeping as busy, of not more so, as the guys over at Mozilla. While the Mozilla Foundation has recently released Firefox 3.6 Beta 1 and Firefox 3.5.5, Mountain View-based search engine giant Google ...
06 Nov 2009
November 09 Patch Tuesday: 6 Security Bulletins, 15 Vulnerabilities
Next week’s first two days are already booked. On Monday, the 9th of November, we will be celebrating Firefox’s 5th anniversary. On Tuesday, we will focus on something less entertaining, mainly patching our...
Next week’s first two days are already booked. On Monday, the 9th of November, we will be celebrating Firefox’s 5th anniversary. On Tuesday, we will focus on something less entertaining, mainly patching our...
06 Nov 2009
Firefox 3.5.5 Update Released
The Mozilla Foundation has released another update for its browser, mainly Firefox 3.5.5. The update follows in the footsteps of Firefox 3.5.4, an update that was released about a week back...
The Mozilla Foundation has released another update for its browser, mainly Firefox 3.5.5. The update follows in the footsteps of Firefox 3.5.4, an update that was released about a week back...
06 Nov 2009
iTunes 9.0.2 Update Loves Apple TV 3.0 Software, Breaks Palm Pre Syncing (Again)
Cupertino-based software developer Apple has recently updated its digital media player iTunes to version 9.0.2. The update, which follows in the footsteps of iTunes 9.0.1 and iTunes 9.0, brings forth one significant new change...
Cupertino-based software developer Apple has recently updated its digital media player iTunes to version 9.0.2. The update, which follows in the footsteps of iTunes 9.0.1 and iTunes 9.0, brings forth one significant new change...
05 Nov 2009
Blacksn0w: Unlock Tool for the iPhone 3G and 3GS
Great news for iPhone 3G and iPhone 3GS users that updated the device to baseband version 05.11; or iPhone 3G and iPhone 3GS users that bought the device with an updated baseband. Original iPhone hacker...
Great news for iPhone 3G and iPhone 3GS users that updated the device to baseband version 05.11; or iPhone 3G and iPhone 3GS users that bought the device with an updated baseband. Original iPhone hacker...
05 Nov 2009
Recommended Tools
Registry Booster 2009
Clean, Repair and Optimize your PC with the #1 industry leading and award-winning utility
Clean, Repair and Optimize your PC with the #1 industry leading and award-winning utility
Driver Scanner 2009
Fast and easy, it boosts performance by scanning for, downloading & installing driver updates
Fast and easy, it boosts performance by scanning for, downloading & installing driver updates
SpeedUpMyPC 2009
How fast is your PC really running? Turbo-charge your Internet and PC performance here
How fast is your PC really running? Turbo-charge your Internet and PC performance here
Nero Burning ROM
LimeWire Basic
Yahoo! Messenger
Winamp
Mozilla Firefox
eMule
BitComet
iTunes
Google Earth
uTorrent