quote:Apple publishes big Safari security update - Lion users included
Apple yesterday released an update for Safari 5.0.6 and 5.1 which includes a whole battery of security fixes.
If you calculate the magnitude of a security update by the count of CVE (Common Vulnerabilities and Exposures) numbers listed, this one scores a 57.
Note that even though the update came out after the official release of Lion, the brand-new 10.7 flavour of OS X needs this update too. So don't assume that you have the latest Safari because you have the very latest OS X. You don't.
Of the 57 CVE entries patched, those who reported or sold the relevant vulnerabilities claimed that: 46 might lead to remote code execution; four to information disclosure; three to the spoofing of addresses or content; three to cross-site scripting; and one to the mismanagement of SSL certificates....