Apple has released an update to their Safari web browser for OS X 10.4, 10.5, 10.6 and Windows platforms. Only 2 of these flaws appear to have been discovered by Apple, yet many of them were reported to Apple by Google and the Google Chrome browser team.
To some extent this is one of the benefits of using the open source WebKit engine that is also used by Google Chrome, Nokia’s Symbian S60 browser, Amazon Kindle, Android, and Adobe Air. With that many eyes looking into the code, flaws can be found and fixed at a much faster rate than with a closed source solution.
Two questions do come to mind though. One is whether these flaws exist in the version of Safari for the iPad/iPhone/iPod Touch. The other is why Apple is saving up 27 vulnerabilities into one release. The previous update from Apple for Safari was in early September, and live Oracle’s Java, I think it may be time for Apple to move to more frequent updates to keep Apple users safe.
If you are a Safari user make sure you apply these updates as soon as possible, as it won’t be long before our criminal adversaries attempt to use their disclosure against us. If you own a personal Mac, why not try out our free Sophos Anti-Virus for OS X?
To download Safari 5.0.3 directly go to http://www.apple.com/safari/download/. Individuals can use the Apple Software Update application and apply the latest updates by choosing “Software Update…” in the Apple menu on OS X.