Apple Computer has updated Safari 3.1 to 3.1.1, patching four security vulnerabilities that affect both Mac OS X and Windows versions of the Web browser.
For Windows XP and Vista users, Safari v 3.1.1 addresses four flaws: two of which -- the first, a memory overflow error in the browser itself and second, a buffer overflow in the JavaScript component -- could both be exploited by an attacker to remotely install and execute malware on a target system. The third flaw is in the browser, and allows a URL to be displayed sans the page being loaded. The fourth flaw meanwhile is in the browser's WebKit component; an attacker could use a malformed URL to exploit the vulnerability, and carry out a cross-site scripting attack. Safari 3.1.1 endeavors to fix two of the vulnerabilities in the Mac version and all four vulnerabilities in the Windows version.
The Safari update can be downloaded through Apple's Software Update application or from the company's Safari download Web site.
Posts
No comments:
Post a Comment