WatchGuard Wire
Improve Your Security IQ
Gargantuan Safari Update Fixes Over 50 Vulnerabilities
8 June 09 -- I'm not much of a Safari user, even on my Macbook Pro. I prefer Firefox and some of the awesome extensions it offers (such as NoScript). Nonetheless, the Safari update Apple released today fixes so many critical vulnerabilities that it has even non-regular Safari users like me scrambling to patch.
According to Apple's advisory, Safari 4.0 fixes over fifty vulnerabilities in Apple's web browser. I won't waste your time by going over even a portion of these vulnerabilities in any detail. Instead, let me cut to the chase. By enticing you to a malicious web site, an attacker can exploit the worst of these vulnerabilities to execute arbitrary code on your computer, potentially gaining complete control of it. Several of the vulnerabilities this update fixes pose a critical risk. Knowing that alone should convince you to upgrade as soon as possible.
If you use Apple's Software Update, it hopefully has already informed you of this new patch. You should go ahead and let it install, if you haven't already. Otherwise, you can manually download Safari 4.0 for Mac or PC on Apple's Downloads page. One note: Apple has had a busy day of announcements today at their Worldwide Developers Conference (WWDC), where they introduced the world to the latest iPhone. I mention this only to warn you that their download page may no be as snappy as usual due to increased attention. -- Corey Nachreiner, CISSP
Copyright© 2009 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.
|
