Alongside the release of OS X 10.8 Mountain Lion earlier today, Apple has published version 6.0 of its Safari web browser for OS X 10.7 Lion, adding a number of new features and closing numerous security holes.
According to the company, the major update addresses more than 120 vulnerabilities found in the previous 5.x branch.
Among the holes closed are problems in the handling of feed:// URLs could have led to cross-site scripting (XSS) attacks or users' files being sent to a remote server. A bug in the autocomplete system used by Safari, which may have resulted in passwords being automatically inserted even when a site specifies that it shouldn't be, has been fixed, as has an XSS issue caused by opening maliciously crafted files on certain pages.
A full list of security fixes can be found in Apple's security advisory. Users running Mac OS X 10.7.4 can upgrade to Safari 6 using the built-in Software update function. All users are advised to upgrade as soon as possible.
According to the company, the major update addresses more than 120 vulnerabilities found in the previous 5.x branch.
Among the holes closed are problems in the handling of feed:// URLs could have led to cross-site scripting (XSS) attacks or users' files being sent to a remote server. A bug in the autocomplete system used by Safari, which may have resulted in passwords being automatically inserted even when a site specifies that it shouldn't be, has been fixed, as has an XSS issue caused by opening maliciously crafted files on certain pages.
A full list of security fixes can be found in Apple's security advisory. Users running Mac OS X 10.7.4 can upgrade to Safari 6 using the built-in Software update function. All users are advised to upgrade as soon as possible.