To coincide with the release of Mac OS X v10.8 Mountain Lion, Apple also released the new Safari 6 Web browser (which comes with Mountain Lion) for OS X v10.7 Lion.Not surprisingly, Apple did not release the new browser for Mac OS X v10.6 Snow Leopard, which was released 3 years prior to Mountain Lion and is now two major OS versions old.
However, what is surprising is that Apple did not release the Safari update for Windows, either. Nor did Apple release a security-only patch for the Windows or Snow Leopard versions of Safari 5.1 to close the 121 security vulnerabilities fixed in Safari 6.0.
This means that anyone still using Safari on Windows or Snow Leopard is unknowingly leaving their system vulnerable to exploitation and infection.
Read the detailed article I wrote for Sophos Naked Security for more information:
Where are the Safari security updates for Windows and Snow Leopard? Users left exposed
UPDATE, 7 Jan 2013: Apple has since released Safari 6.0.1 and 6.0.2, patching an additional 63 vulnerabilities. No corresponding security updates have been released for the Windows or Snow Leopard versions of Safari.
See also Is Apple Still Releasing Snow Leopard Updates?
For more from the JoshMeister on Security, please subscribe via e-mail or RSS, or follow me on Twitter or Google+.
Posts
No comments:
Post a Comment
Comment moderation is enabled. (If you wish to contact Josh privately, you can leave a comment and ask that it not be published.)