Apple on Wednesday issued updates for its Safari 4 and 5 web browser to fix 15 vulnerabilities, some of which could lead to arbitrary code execution or information disclosure. Safari 5.0.1 and 4.1.1 fix an issue with the browser's auto-fill feature, which is used to automatically fill out web forms using information in a user's computer or address book. The flaw could allow a maliciously crafted website to trigger auto-fill without user interaction, potentially leading to information disclosure. The patch comes one day before Jeremiah Grossman, founder and CTO of WhiteHat Security, is set to present about the vulnerability at the Black Hat conference in Las Vegas. The Safari updates also fix several flaws in WebKit, an open-source application framework. – AM
Patch/Configuration Management, Vulnerability Management
Safari update fixes auto-fill flaw ahead of Black Hat talk
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds