Sophos Cloud Optix
Apple has released Safari 5.0.4 – the latest version of Apple’s browser software for Windows and Mac users – patching an eye-watering 62 security vulnerabilities in the process.
The vulnerabilities, described in an Apple knowledgebase article, were disclosed at the same time as a host of security holes in the iOS software used by the iPhone, iPad and iPod touch were also revealed by the company.
What this means is, just like their iPhone/iPod touch/iPad-owning cousins, people who run Safari on their Mac or Windows computers would be wise to check out the latest available security updates as soon as possible.
Apple doesn’t like to assign severity levels to the security vulnerabilities found in its products, but the bugs in Safari look pretty critical to me. 57 of the 62 bugs can be exploited just by a user visiting a maliciously-crafted website.
If that’s not a reason to install a security update to your Safari browser, I’m not sure what is.
You can download Safari 5.0.4 from Apple’s website for Mac OS X 10.5 (Leopard), Mac OS X 10.6 (Snow Leopard), Windows XP, Windows Vista and Windows 7.
SophosLabs see tens of thousands of legitimately websites that have been infected by malware every single day, so it’s really important to keep your browser up-to-date with the latest security patches.
done and downloaded cheers for that
Another option is to ditch safari and go for something with considerably better security, eg, Firefox.
I do agree with you, better yet, I will use Google Chrome for much better result.
Safari 4.1.3 is essentially Safari 5, but for Tiger. Does the lack of an update for Safari 4 mean that Tiger users are vulnerable to all these things or ?
I’d say Tiger Intel users probably are; Tiger PPC users probably aren’t. If you’re on Tiger Intel, I’d suggest switching to Firefox.
Safari sucks! To resource hog of a browser, not a patch on Firefox or Chrome! Having said that some interesting points in this article.
I'd have to wonder if the Apple that was hacked in 5 seconds at the CanSecWest Conference had the "updates" installed since Safari was the vector used in that attack.
Well gosh darn it, that's impossible! I thought all things Apple-related "just works" and are bulletproof! Also, it's interesting that Apple charges $29 for their Service Packs (OS X 10.7, 10.6, etc.) while Microsoft's SP's are free…..
You peanut. 10.7 is a new OS. It's like going from Windows Vista to Windows 7. I'msure MS don't allow you to upgrade for $29. One eyed MS users are just as bad as one eyed Apple users.