06 Jun 2013
Apple pushed on Tuesday an update that fixes more than 30 vulnerabilities in the operating system software, including a critical bug in Safari.
According to the Apple security advisory, the update fixes issues in WebKit, the HTML engine in Safari, but also improves compatibility and interoperability with third-party services such as Microsoft Exchange.
The new version of Safari (6.0.5) patches 23 security bugs that allow either remote code execution (read: people running malware in your browser after visiting a specially crafted link), or cross-site scripting. Other mitigated flaws would allow, if exploited, to expose sensitive information or crash the system altogether.
“US-CERT encourages users and administrators to review Apple Security article HT5784 and apply any necessary updates to help mitigate these risks,” reads the US-CERT advisory.