iPhone maker Apple has released a massive security update for its Safari web browser, merely two days after it dished out the Mac OS X Lion.
The update, which covers the new operating system as well, patches 57 security flaws that affect Windows 7, Vista, XP SP2 and Mac OS X versions of the web browser. The company also advised users to update to the new Safari 5.1 web browser.
Security firm Sophos points out in the Naked Security blog (opens in new tab) that Apple has not made it clear whether Safari 5.1 users are vulnerable to the security flaws fixed by Apple.
Paul Ducklin, Head of Technology for Asia Pacific at Sophos informs that out of the 57 security flaws patched by Apple, 46 of them might lead to remote code execution, 4 might result in information disclosure, 3 might lead to spoofing of addresses or content, 1 related to SSL certificates and another 3 might allow cross-site scripting.
“Once again, to Mac fanbuoys (and gurls) who insist that Macs are vulnerable only to the sort of malware infection which relies on the user agreeing to a sequence of dubious-looking installation steps: look at all the entries in the list below labelled EXEC. These denote possible remote code execution vulnerabilities in the Safari product,” Ducklin warned.