Safari Update 10.8.5

I’m calling it a security update, though it’s officially a full-on point release of OS X Mountain Lion, taking the 10.8 variant of Apple’s OS X to version 10.8.5.

  1. Download Safari Update For Mac
  2. Safari Download
  3. Safari Update For Mac
  4. Safari Update For Mac 10.8.5
  5. Safari Update 10.6.8
  6. Safari Update 10.8.5 Version
  7. Safari Update 10.8.5 Free

Dec 03, 2014 The updates are versioned as Safari 8.0.1 for OS X 10.10, Safari 7.1.1 for OS X 10.9.5, and Safari 6.2.1 for OS X 10.8.5. All Mac users who use the Safari browser should update to the newest version available to them through the Mac App Store, accessible via the Apple menu. The updates are small in size and weigh around 65MB, and a reboot is. On App Store, click Updates. Click the UPDATE button next to Safari if there’s any update available. Wait for the update process to complete. Now check to see if this fixes your Safari issue. If it does, great! But if not, there are still other fixes you can try Fix 2: Temporarily disable your antivirus. Oct 04, 2013 Download the latest version of OS X 10.8.5 Supplemental Update for Mac - Recommended update for OS X Mountain Lion users. Read 16 user reviews of OS X 10.8.5 Supplemental Update on MacUpdate. Mac 10.8.5 safari free download for mac (page 2) - Xmarks for Safari 1.3.5: Your favorite bookmarks anywhere in Safari, and much more programs. A Google search box is a standard component of the Safari interface, as are software services which automatically fill out Web forms and spell-check entries into web page text fields.

But with twice as many security fixes listed as regular bug fixes and improvements, I’m happy to call it a “security update,” if only in the hope you’ll feel a bit more urgency about deploying it.

There are 15 official security patches, one fix that Apple has appended to the list without explicitly admitting that it was a security issue, and one bonus patch that is mentioned on Apple’s website but not in its emailed security advisory.

Download Safari Update For Mac

I’ll start with the free bonus patch, because I’m delighted it’s happened and I think you should know about it.

Safari Download

The infamous sudo privilege escalation, documented and patched by sudo itself back in February and pointedly exposed on OS X by Metasploit last month, is no more.

Confusingly, if you run sudo -V to check the version number, you might get the impression it hasn’t been updated, since 1.7.4p6a has the same core version string as the version shipped with 10.8.4 (1.7.4p6).

Safari

Nevertheless, the sudo binary has been updated, and in my tests, the privilege escalation bug had vanished.

Until 10.8.4, doing a sudo -k (which is supposed to deauthenticate you, and thus does not require a password), followed by setting the time to just after midnight on 01 Jan 1970, would give you root access.

Update

In 10.8.5, it does not.

Presumably, Apple yielded to public pressure to fix this long-running hole, but, instead of taking all the sudo changes from the past few months, just backported the sudo -k fix to version 1.7.4p6, a much less risky change.

Moving up the list, the not-a-security-fix I mentioned above is included, almost as an afterthought, as follows:

OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate.

Safari Update 10.8.5

Safari Update For Mac

That’s the bug we decribed as “only six characters from a crash.”

Although it probably deserved to be called a denial of service rather than merely “an issue,” it was indeed more of an annoyance than a vehicle for cybercrooks.

At any rate, it’s good to see it patched quickly.

Other significant patches include potential remote code execution holes in:

  • JBIG2 decompression in PDF files by the CoreGraphics library.
  • JPEG2000 decompression in PDF files by the ImageIO component.
  • The web programming system PHP.
  • The handling of QuickTime movies by QuickTime.

If you’re an OS X user, you may have been unaware that PHP was installed at all, since it is usually considered a server-side component.

But it is present, and it was vulnerable, although it isn’t enabled by default, even if you turn on OS X’s built-in Apache web server.

PHP isn’t the only server-flavoured component to receive security attention in 10.8.5, with fixes also shipped for the following applications usually found on servers:

  • The Apache webserver. (Cross-site scripting.)
  • The name server Bind. (Denial of service.)
  • The database server PostgreSQL. (Privilege escalation.)

For users on the still-supported earlier versions of OS X, namely Snow Leopard (10.6) and Lion (10.7), the latest fixes come as Security Update 2013-004, rather than as a point release.

Safari Update For Mac 10.8.5

The list of fixes for 10.6 and 10.7 is similar to the list for 10.8.5, with the addition of a remote code execution flaw in ClamAV. (ClamAV is not part of the OS X 10.8 distribution.)

Also, the oldest supported OS X version, 10.6, gets a separate update for a remote code execution hole in Safari, which moves to version 5.1.10.

Neither Lion nor Mountain Lion need or receive this fix, as they are on Safari 6.

As usual, you can grab Apple’s updates by simply clicking on the Apple Menu and choosing Software Update… or by downloading them as DMG files from Apple’s download site.

Some useful pages on Apple’s site include:

  • HT5880: Security content of 10.8.5 and 2013-004.
  • HT5921: Security content of Safari 5.1.10.
  • DL1675: OS X Mountain Lion Update v10.8.5. [From 10.8.4 only, 273MB.]
  • DL1676: OS X Mountain Lion Update v10.8.5 (Combo). [From any 10.8, 831MB.]
  • DL1677: Security Update 2013-004 (Lion). [113MB.]
  • DL1678: Security Update 2013-004 (Snow Leopard). [331MB.]
  • DL1569: Safari 5.1.10 for Snow Leopard. [48MB.]

To conclude, even though Macs don’t get malware (only kidding!), Apple has updated its plugin blocker following Adobe’s latest Patch Tuesday.

Safari will now refuse to use Flash plugins earlier than 11.8.800.94.

That doesn’t force you to be bang up to date with Flash – the September Patch Tuesday introduced 11.8.800.168 to fix remote code execution holes in the 11.8.800.94 – but ensuring you are at the latest-but-one is at least a start.

Safari Update 10.6.8

Happy patching!

(I did my 10.8.5 update early this morning: it may be only half a day, but so far, so good.)

Safari for Mac

Safari is included with your Mac.

Safari Update 10.8.5 Version

  • To keep Safari up to date, install the latest macOS updates. The most recent version of macOS includes the most recent version of Safari.
  • If you deleted Safari and don't have a backup, reinstall macOS to put Safari back in your Applications folder. Reinstalling macOS doesn't remove data from your computer. Before reinstalling, you might want to use Spotlight to search for Safari. If you find it, but it's no longer in your Dock, just drag it to the Dock to add it back.

Safari Update 10.8.5 Free

Download

Safari for Windows

Apple no longer offers Safari updates for Windows. Safari 5.1.7 for Windows was the last version made for Windows, and it is now outdated.