|
Apple has released Safari 3.1 and Security Update 2008-002 to address multiple vulnerabilities.
These vulnerabilities may allow an attacker to do the following:
- Execute arbitrary code
- Cause a denial-of-service condition
- Bypass authentication
- Elevate privileges
- Obtain sensitive information
- Cause untrusted certificates to appear trusted
US-CERT encourages users to do the following to help mitigate the risk:
- Review Apple Article 307563 and upgrade to Safari 3.1.
- Review Apple Security Update 2008-002 and apply any necessary updates.
US-CERT will provide more information as it becomes available.
|
