updated 3/13/2012 5:13:06 PM ET 2012-03-13T21:13:06

Apple has released a massive security update to its Safari Web browser, patching a record number of flaws, nearly 90 percent of them leaving a critical component open to attack.

The newest version of the browser, Safari 5.1.4, tackled 83 security glitches in the browser, 72 of which of existed in WebKit, the library used in Safari as well as in other browsers like Google Chrome, and on iOS and Android.

The WebKit vulnerabilities could allow an attacker to carry out several attacks, including cross-site scripting, memory corruption and HTTP authentication credential theft, on a target's unpatched system by luring them to a maliciously crafted website.

Several of the flaws addressed in Safari 5.1.4 were discovered at last week's Pwn2Own hacking contest  by Sergey Glazunov, a researcher who also won $60,000 for finding a bug in Google Chrome.

The Safari update, released yesterday (March 12), comes less than a week after another massive fix from Apple; on March 7, the company pushed out updates to address 81 security bugs in iOS version 5.1, its operating system for the iPhone, iPad and iPod Touch.

Gregg Keizer from  Computerworld  pointed out that yesterday's update marks the largest number of patches Apple has issued for Safari; the previous record was 62, set in March 2011. 

Apple also patched a Safari bug that enabled the recording of private Web browsing. The most current version of Safari is available for download from Apple's website for Snow Leopard or Lion on a Mac, and for Windows XP, Vista and Windows 7 on a PC. No matter what Web browser you prefer, make sure you keep it in top shape by regularly updating it and running anti-virus software  on your system.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments