{"id":1835,"date":"2010-06-08T09:48:09","date_gmt":"2010-06-08T08:48:09","guid":{"rendered":"http:\/\/blog.intego.com\/?p=1835"},"modified":"2012-12-12T13:57:57","modified_gmt":"2012-12-12T21:57:57","slug":"apple-updates-safari-web-browser-security-fixes-included","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/","title":{"rendered":"Apple Updates Safari Web Browser; Security Fixes Included"},"content":{"rendered":"<p>Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to use version 5 (which requires Mac OS X 10.6, Snow Leopard). The updates contain dozens of security fixes for the Safari program, as well as for WebKit, the program&#8217;s HTML rendering engine which is also used by other programs. Some of the fixes correct the following bugs:<\/p>\n<ul>\n<li>A maliciously crafted URL may be obfuscated, making phishing attacks more effective<\/li>\n<li>Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution<\/li>\n<li>Visiting a maliciously crafted website and dragging or pasting links or images may send files from the user&#8217;s system to a remote server<\/li>\n<li>Dragging or pasting a selection may lead to a cross-site scripting attack<\/li>\n<li>Visiting a maliciously crafted website may cause files to be created in arbitrary user-writable locations<\/li>\n<li>Interacting with a maliciously crafted website may result in unexpected actions on other sites<\/li>\n<li>Visiting an HTTPS site which redirects to an HTTP site may lead to an information disclosure<\/li>\n<li>Visiting a maliciously crafted website may result in sending remotely specified data to arbitrary TCP ports<\/li>\n<li>A user&#8217;s NTLM credentials may be exposed to a man in the middle attacker<\/li>\n<li>Visiting a maliciously crafted website may disclose images from other sites<\/li>\n<li>Visiting a maliciously crafted website may change the contents of the clipboard<\/li>\n<li>A maliciously crafted website may be able to determine which sites a user has visited<\/li>\n<\/ul>\n<p>The wide variety of possible vulnerabilities listed above is a sobering reminder that one of the main vectors of security threats today is the web. All of the above, it is important to note, can take place with no user interaction: often the &#8220;maliciously crafted websites&#8221; are hacked to include links that will exploit vulnerabilities; it&#8217;s not even the user who has to go into the dark alleys of the Internet to get hit. This is why today&#8217;s security software has to protect against web threats as well as malware. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to use version 5 (which requires Mac OS X 10.6, Snow Leopard). The updates contain dozens of security fixes for the Safari program, as well as for [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":1647,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[3151,115,119],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Updates Safari Web Browser; Security Fixes Included - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2010-06-08T08:48:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2012-12-12T21:57:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"128\" \/>\n\t<meta property=\"og:image:height\" content=\"136\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg\",\"width\":\"128\",\"height\":\"136\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/\",\"name\":\"Apple Updates Safari Web Browser; Security Fixes Included - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage\"},\"datePublished\":\"2010-06-08T08:48:09+00:00\",\"dateModified\":\"2012-12-12T21:57:57+00:00\",\"description\":\"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Updates Safari Web Browser; Security Fixes Included\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Apple Updates Safari Web Browser; Security Fixes Included\",\"datePublished\":\"2010-06-08T08:48:09+00:00\",\"dateModified\":\"2012-12-12T21:57:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage\"},\"wordCount\":346,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg\",\"keywords\":[\"Apple\",\"Safari\",\"Security Update\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/","og_locale":"en_US","og_type":"article","og_title":"Apple Updates Safari Web Browser; Security Fixes Included - The Mac Security Blog","og_description":"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to","og_url":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/","og_site_name":"The Mac Security Blog","article_published_time":"2010-06-08T08:48:09+00:00","article_modified_time":"2012-12-12T21:57:57+00:00","og_image":[{"width":"128","height":"136","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg","width":"128","height":"136"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/","name":"Apple Updates Safari Web Browser; Security Fixes Included - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage"},"datePublished":"2010-06-08T08:48:09+00:00","dateModified":"2012-12-12T21:57:57+00:00","description":"Apple has released version 5 of its Safari web browser for Mac OS X and Windows, along with a security update for Safari 4.1, for those users unable to","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Apple Updates Safari Web Browser; Security Fixes Included"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Apple Updates Safari Web Browser; Security Fixes Included","datePublished":"2010-06-08T08:48:09+00:00","dateModified":"2012-12-12T21:57:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#webpage"},"wordCount":346,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-updates-safari-web-browser-security-fixes-included\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg","keywords":["Apple","Safari","Security Update"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2010\/05\/safari1.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-tB","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/1835"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=1835"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/1835\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/1647"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=1835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=1835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=1835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}