Apple posts Safari 7.0.4/6.1.4 with fixes for WebKit vulnerabilities

Safari icon (medium)

Following the release of OS X 10.9.3iTunes 11.2 and the subsequent iTunes 11.2.1 update (which fixed the disappearing Users folder in OS X 10.9.3), Apple on Wednesday issued a pair of Safari updates for OS X Lion, Mountain Lion and Mavericks systems.

Both Safari 7.0.4 for OS X Mavericks 10.9.3 and Safari 6.1.4 for OS X Lion 10.7.5, OS X Lion Server 10.7.5 and OS X Mountain Lion 10.8.5 are now available with fixes for vulnerabilities found in WebKit, the browser’s open-sourced rendering engine…

Apple’s support document outlines the nature of the WebKit flaw plaguing Safari, which could be exploited by hackers to allow a maliciously crafted website to produce an unexpected application termination or arbitrary code execution.

The Safari updates also fix another issue in the browser’s handling of unicode characters in URLs that could let malicious websites send messages to a connected frame or window “in a way that might circumvent the receiver’s origin check”.

It’s worth mentioning again that Apple protects your own security by not disclosing, discussing or confirming security issues “until a full investigation has occurred and any necessary patches or releases are available.”

Apple advises all users to install this Safari update to make their systems more secure and less susceptible to attacks.

You can apply the free Safari update using the Mac’s Software Update mechanism or download the installer directly from Apple’s website.