Apple has updated its Safari web browser to version 9.0.2, available for OS X Mavericks 10.9.5, OS X Yosemite 10.10.5, OS X El Capitan 10.11 and 10.11.1. If this update applies to you, it’s a good idea to install the latest Safari version immediately — otherwise it may become your weakest security link.
Software updates may seem trivial, but the truth is they are important to help protect against known vulnerabilities. Hackers can exploit weaknesses in software and use malware to infect Macs in an attempt to steal data or reveal your private information. Updates only take a few moments to install and, as is the case with Apple’s Safari 9.0.2 update, usually include critical security patches.
Following is a list of the vulnerabilities patched in Safari 9.0.2, according to Apple:
- CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104 : Visiting a maliciously crafted website may lead to arbitrary code execution. Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
- CVE-2015-7050 : Visiting a maliciously crafted website may reveal a user’s browsing history. An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing.
Mac users can install the updated Safari browser by choosing Apple menu > App Store…, or the updates may be obtained from the Mac App Store.