Apple yesterday released an update for Safari 5.0.6 and 5.1 which includes a whole battery of security fixes.
If you calculate the magnitude of a security update by the count of CVE (Common Vulnerabilities and Exposures) numbers listed, this one scores a 57.
For the full security story, see Apple’s Knowledgebase article HT4808. For a summary in list form, see below.
Note that Apple’s advice about the update doesn’t make it clear whether Lion users need the update or not. The HT4808 article says that “Safari 5.1 is included with OS X Lion” but also lists “Safari 5.1 (OS X Lion)”, along with earlier OS X versions, in the Products Affected section.
Whether this means that there’s now a newer build of Safari 5.1 for Lion available than is included in the AppStore download or not isn’t clear.
I don’t have OS X 10.7 yet (I’m unwilling to buy it until it is available over the counter for cash), but on my trusty 10.6.8 system, the latest Safari 5.1 is labelled as build 6534.50. I assume if that’s what you have, you’re up-to-date.
(Update: Apparently, the Safari shipped with Lion is up-to-date, and the Safari 5.1 for OS X 10.7 build number is 7534.48.3.)
Of the 57 CVE entries patched, those who reported or sold the relevant vulnerabilities claimed that: 46 might lead to remote code execution; four to information disclosure; three to the spoofing of addresses or content; three to cross-site scripting; and one to the mismanagement of SSL certificates.
The good news is that the update also offers some good, old-fashioned improvements and a few new features, including one called the Reading List, which lets you easily add webpages and links into a reading list to look at later. The non-security-related features in the update are in Apple article HT4611.
Once again, to Mac fanbuoys (and gurls) who insist that Macs are vulnerable only to the sort of malware infection which relies on the user agreeing to a sequence of dubious-looking installation steps: look at all the entries in the list below labelled EXEC. These denote possible remote code execution vulnerabilities in the Safari product.
And a remote code execution exploit means you’re at risk of a drive-by install. That’s where you run untrusted program code silenty, merely by visiting a maliciously-crafted web page.
To add some balance here, let me observe that some of those who traffick in vulnerabilities love to assign the tag “possible remote code execution” to just about any bug by which they are able to crash the victim program with some degree of finesse.
But “possible remote code execution” doesn’t inevitably mean that a known, reliable exploit exists, or that one is even likely. Some horrendous-looking vulnerabilities turn out to be much harder to exploit in the real world than you might at first think, so “possible” may sometimes mean little more than “not inconceivable.”
Nevertheless, this sort of bug is a fault which is potentially dangerous, and needs to be fixed as soon as possible. So get your Safari 5.0.6 and 5.1 updates today.
(And if you aren’t yet running a full-function anti-virus on your Mac – the one built into OS X gives only a sliver of protection – please take advantage of our free Sophos Anti-Virus for Mac Home Edition. Yes, it supports Lion.)
Free Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition
–
Here is the summary of the security fixes in this latest Safari update:
SAFARI 5.1 AND 5.0.6 - LIST OF SECURITY SECURITY UPDATES
W: Windows only affected
Wm: Windows affected, Mac previously patched
WM: Windows and Mac affected
XSS: Cross site scripting (3 of 57)
EXEC: Remote code execution (46 of 57)
CERT: Certificate trust flaw (1 of 57)
LEAK: Information disclosure (4 of 57)
SPOOF: Wrong domain lookup, address
or content display (3 of 57)
Buggy component Pl Vuln CVE reference
--------------- -- ---- -------------
CFNetwork W XSS CVE-2010-1420
CFNetwork W EXEC CVE-2010-1383
CFNetwork W CERT CVE-2011-0214
ColorSync Wm EXEC CVE-2011-0200
CoreFoundation Wm EXEC CVE-2011-0201
CoreGraphics Wm EXEC CVE-2011-0202
IC for Unicode Wm EXEC CVE-2011-0206
ImageIO W EXEC CVE-2011-0241
ImageIO W EXEC CVE-2011-0215
ImageIO Wm EXEC CVE-2011-0204
libxslt Wm LEAK CVE-2011-0195
libxml W EXEC CVE-2011-0216
Safari WM LEAK CVE-2011-0217
Safari WM SPOOF CVE-2011-0219
WebKit WM EXEC CVE-2010-1823
WebKit WM EXEC CVE-2011-0164
WebKit WM EXEC CVE-2011-0218
WebKit WM EXEC CVE-2011-0221
WebKit WM EXEC CVE-2011-0222
WebKit WM EXEC CVE-2011-0223
WebKit WM EXEC CVE-2011-0225
WebKit WM EXEC CVE-2011-0232
WebKit WM EXEC CVE-2011-0233
WebKit WM EXEC CVE-2011-0234
WebKit WM EXEC CVE-2011-0235
WebKit WM EXEC CVE-2011-0237
WebKit WM EXEC CVE-2011-0238
WebKit WM EXEC CVE-2011-0240
WebKit WM EXEC CVE-2011-0253
WebKit WM EXEC CVE-2011-0254
WebKit WM EXEC CVE-2011-0255
WebKit WM EXEC CVE-2011-0981
WebKit WM EXEC CVE-2011-0983
WebKit WM EXEC CVE-2011-1109
WebKit WM EXEC CVE-2011-1114
WebKit WM EXEC CVE-2011-1115
WebKit WM EXEC CVE-2011-1117
WebKit WM EXEC CVE-2011-1121
WebKit WM EXEC CVE-2011-1188
WebKit WM EXEC CVE-2011-1203
WebKit WM EXEC CVE-2011-1204
WebKit WM EXEC CVE-2011-1288
WebKit WM EXEC CVE-2011-1293
WebKit WM EXEC CVE-2011-1296
WebKit WM EXEC CVE-2011-1449
WebKit WM EXEC CVE-2011-1451
WebKit WM EXEC CVE-2011-1453
WebKit WM EXEC CVE-2011-1457
WebKit WM EXEC CVE-2011-1462
WebKit WM EXEC CVE-2011-1797
WebKit WM EXEC CVE-2011-1774
WebKit WM LEAK CVE-2011-1190
WebKit WM XSS CVE-2011-0242
WebKit WM XSS CVE-2011-1295
WebKit WM SPOOF CVE-2011-1107
WebKit WM LEAK CVE-2011-0244
WebKit WM SPOOF CVE-2010-3829
Leave a reply
