Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can.
For Safari, there are nine CVE-listed patches in version 13.1.1. Six address malicious code execution (CVE-2020-9802, CVE-2020-9800, CVE-2020-9806, CVE-2020-9807, CVE-2020-9850, CVE-2020-9803) that can be achieved by opening a booby-trapped webpage or similar.
These were found separately by Samuel Groß of Google Project Zero; Brendan Draper working with Trend Micro's ZDI; Wen Xu of SSLab at Georgia Tech in the US; and a trio working together at SSLab. The vulnerabilities are present in the Webkit component of Safari.
The SSLab trio also found CVE-2020-9801 in Safari that can be exploited by malware already running on a Mac t ..
Support the originator by clicking the read the rest link below.
