Safari security flaw revealed in WebKit

News by Ava Fedorov

A total of 16 memory corruption issues have been found in layout software used by Apple browser, Safari, for rendering pages. The software, WebKit, can be exploited by attackers who set up malicious websites. Visiting such sites could result in application termination or arbitrary code execution, though Apple has said that these issues have been fixed with memory handling improvements. Another WebKit vulnerability allows cyber-criminals to misrepresent a URL via user interface inconsistency.

Apple's own security team is responsible for uncovering most of these security issues. “Inconsistent user interface may prevent users from discerning a phishing attack,” Apple wrote in a public advisory. These security gaps have been addressed in Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 which implement updated interface consistency checks. Simultaneously, Apple has also released updates for a handful of products including iOS, Apple TV and Xcode to address potential vulnerabilities.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews