Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Safari 7.0.4 and 6.1.4

   Agen G. N. Schmitz

   Apple has released Safari 7.0.4 for users of OS X 10.9 Mavericks and
   Safari 6.1.4 for users of 10.8 Mountain Lion and 10.7 Lion, both of
   which fix multiple critical vulnerabilities associated with WebKit.
   According to the [1]security note for these updates, both versions of
   Safari fix a swath of memory corruption issues within the rendering
   engine that could lead to arbitrary code execution after visiting a
   maliciously crafted Web site. They also deal with a problem with
   handling Unicode characters in URLs that could enable a maliciously
   crafted URL to send out an incorrect postMessage origin. Both updates
   are available only through Software Update. (Free)

References

   1. http://support.apple.com/kb/HT6254

.