Connect with us

Apple releases Safari 8.0.6 with security updates for OS X Yosemite

Apple News

Apple releases Safari 8.0.6 with security updates for OS X Yosemite

Apple this afternoon released Safari updates for Yosemite (8.0.6), Mavericks (7.1.6), and Mountain Lion (6.2.6). The new versions include fixes for multiple memory corruption issues in WebKit, which Apple says could lead to arbitrary code execution or unexpected application termination when visiting a maliciously-crafted website.

Here are the release notes from Apple’s support document:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-1152 : Apple
CVE-2015-1153 : Apple
CVE-2015-1154 : Apple
WebKit History
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a maliciously crafted website may compromise user information on the filesystem
Description: A state management issue existed in Safari that allowed unprivileged origins to access contents on the filesystem. This issue was addressed through improved state management.
CVE-ID
CVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP’s Zero Day Initiative
WebKit Page Loading
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing
Description: An issue existed in the handling of the rel attribute in anchor elements. Target objects could get unauthorized access to link objects. This issue was addressed through improved link type adherence.
CVE-ID
CVE-2015-1156 : Zachary Durber of Moodle

The new update can be found at the Mac App Store on your Mac.. 

Apple this afternoon launched Safari updates for Yosemite (8.0.6), Mavericks (7.1.6), and Mountain Lion (6.2.6). The new variations come with fixes for more than one reminiscence corruption problems in WebKit, which Apple says may just result in arbitrary code execution or sudden software termination while traveling a maliciously-crafted site.



Here are the discharge notes from Apple’s support document:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a maliciously crafted website online would possibly result in an sudden software termination or arbitrary code execution
Description: Multiple reminiscence corruption problems existed in WebKit. These problems have been addressed thru progressed reminiscence dealing with.
CVE-ID
CVE-2015-1152 : Apple
CVE-2015-1153 : Apple
CVE-2015-1154 : Apple
WebKit History
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a maliciously crafted site would possibly compromise consumer knowledge at the filesystem
Description: O state control factor existed in Safari that allowed unprivileged origins to get entry to contents at the filesystem. This factor used to be addressed thru progressed state control.
CVE-ID
CVE-2015-1155 : Joe Vennix of Rapid7 Inc. running with HP’s Zero Day Initiative
WebKit Page Loading
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3
Impact: Visiting a malicious site by way of clicking a hyperlink would possibly result in consumer interface spoofing
Description: An factor existed within the coping with of the rel characteristic in anchor parts. Target items may just get unauthorized get entry to to hyperlink items. This factor used to be addressed thru progressed hyperlink sort adherence.
CVE-ID
CVE-2015-1156 : Zachary Durber of Moodle
The new update can also be discovered on the Mac App Store for your Mac.. 
Comments

More in Apple News

Popular

Featured

Advertisement
To Top