- a. Send us an email
- b. Anonymous form
- Buyer's Guide
- Upcoming Products
- Tips / Contact Us
- Podcast Instagram Facebook Twitter Mastodon YouTube Notifications RSS Newsletter
Apple Releases Safari 15.6.1 for macOS Big Sur and macOS Catalina With Important Security Fix
Apple today released Safari version 15.6.1 for the older macOS Big Sur and macOS Catalina operating systems. The update includes an important security fix for a WebKit vulnerability that could lead to arbitrary code execution, according to Apple.
Apple released macOS Monterey 12.5.1 , iOS 15.6.1 , and iPadOS 15.6.1 yesterday with fixes for both WebKit and kernel vulnerabilities. As noted by Mr. Macintosh on Twitter , a fix for the kernel-related vulnerability has yet to be released for macOS Big Sur or macOS Catalina, but it's unclear if that vulnerability affects those operating systems.
Get weekly top MacRumors stories in your inbox.
Popular Stories
Apple Shares Full List of Over 250 New Features and Changes Coming With iOS 18
First iPhone 16 Carrier Deals Include iPhone 16/16 Pro For Free, $1,000 Off iPhone 16 Pro Max
Skipping the iPhone 16 Pro? Here's What's Rumored for iPhone 17 Pro
Apple Discontinues iPhone 15 Pro, iPhone 15 Pro Max and iPhone 13
Apple Announces iPhone 16 Pro and iPhone 16 Pro Max with Larger Displays, New Camera Control, and More
Apple Releases New AirPods Pro 2 Firmware With Support for iOS 18 Features
Everything Apple Announced at Today's Event in 13 Minutes
Top rated comments.
I wish Apple would make Safari on iOS a standalone app so it can be updated independently of iOS
I thought theoretically they had separated most of the core apps, but I still don’t recall ever seeing an update for them outside of a full OS release or point release. And yet they still choose certain apps that can’t be uninstalled. On the iPhone I can’t think of anything that can’t be uninstalled except maybe App Store itself, but on watch and Mac ironically News for example is there to stay, like it or not.
Exactly. Shutting the whole system down for an hour to update some minor chunk of code in Safari is atrocious design.
Your post makes absolutely zero sense. The benefit is we would get app updates immediately when there are issues instead of having to wait for an entire iOS update to get them. There wouldn’t be a million different configurations, it would be exactly the same as it is now. Apps could just be updated at the same time, just like iOS updates are updated at the same time.
Next Article
iOS 18 brings major changes to the Messages app, with Apple adding several fun features.
The Photos app redesign has been one of the most controversial changes that Apple made in iOS 18.
iOS 18 is an update designed for the iPhone, but it adds several new features to the AirPods
The Phone app doesn't often get updated, but with iOS 18 and Apple Intelligence, it's getting a major overhaul.
Larger displays, new Camera Control button, camera improvements, and more.
Updates to Mail, Photos, Messages, and more, with Apple Intelligence features throughout.
iPhone Mirroring, Safari improvements, new Passwords app, and Apple Intelligence features throughout.
Apple Intelligence features, Smart Script handwriting refinement, Calculator app, and more.
Other Stories
1 hour ago by Tim Hardwick
3 hours ago by Tim Hardwick
4 hours ago by Tim Hardwick
15 hours ago by Joe Rossignol
16 hours ago by Joe Rossignol
Apple releases Safari 15.6.1 to fix zero-day bug used in attacks
Lawrence abrams.
- August 18, 2022
Apple has released Safari 15.6.1 for macOS Big Sur and Catalina to fix a zero-day vulnerability exploited in the wild to hack Macs.
The zero-day patched today (CVE-2022-32893) is an out-of-bounds write issue in WebKit that could allow a threat actor to execute code remotely on a vulnerable device.
"Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited," warns Apple in a security bulletin released today.
An out-of-bounds write vulnerability is when an attacker can supply input to a program that causes it to write data past the end or before the beginning of a memory buffer.
This causes the program to crash, corrupt data, or in the worst-case scenario, remote code execution. Apple says they fixed the bug through improved bounds checking.
Apple says the vulnerability was disclosed by a researcher who wishes to remain anonymous.
This zero-day vulnerability is the same one that was patched by Apple yesterday for macOS Monterey and iPhone/iPads.
Apple has not provided details on how the vulnerability is being used in attacks other than saying that it "may have been actively exploited."
This is the seventh zero-day vulnerability fixed by Apple in 2022, with the previous bugs outlined below:
- In March, Apple patched two more zero-day bugs that were used in the Intel Graphics Driver (CVE-2022-22674) and AppleAVD (CVE-2022-22675).
- In January, Apple patched two more actively exploited zero-days that allowed attackers to execute code with kernel privileges (CVE-2022-22587) and track web browsing activity (CVE-2022-22594).
- In February, Apple released security updates to fix a new zero-day bug exploited to hack iPhones, iPads, and Macs.
Related Articles:
18-year-old security flaw in Firefox and Chrome exploited in attacks
Hackers targeting WhatsUp Gold with public exploit since August
SonicWall SSLVPN access control flaw is now exploited in attacks
Google backports fix for Pixel EoP flaw to other Android devices
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
- Actively Exploited
- Vulnerability
- Web Browser
- Previous Article
- Next Article
Post a Comment Community Rules
You need to login in order to post a comment.
Not a member yet? Register Now
You may also like:
Fortinet confirms data breach after hacker claims to steal 440GB of files
Fake password manager coding test used to hack Python developers
Adobe fixes Acrobat Reader zero-day with public PoC exploit
New Vo1d malware infects 1.3 million Android streaming boxes
Help us understand the problem. What is going on with this comment?
- Abusive or Harmful
- Inappropriate content
- Strong language
Read our posting guidelinese to learn what content is prohibited.
PSA: Update your iPhone to iOS 15.6.1 for two major security fixes
Apple released iOS 15.6.1 to iPhone and iPad users this week. Apple saying the update “provides important security updates and is recommended for all users.” Apple has now updated its security updates webpage with the full details on what’s been patched. Head below for the details on what the issue was and how to update.
iOS 15.6.1 security fixes
According to Apple, iOS 15.6.1 fixes two major vulnerabilities that were both exploited in the wild. Both of these vulnerabilities impacted every iPhone and iPad model capable of running iOS 15.
The first vulnerability could have allowed an application to execute arbitrary code with kernel privileges. The second vulnerability was in WebKit, the browser engine that powers Safari and all third-party browsers on iOS. For this vulnerability, Apple says that “processing maliciously crafted web content may lead to arbitrary code execution.”
Here are the full details according to Apple:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2022-32894: an anonymous researcher
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Update to iOS 15.6.1 now
With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1. You can do so by heading to the Settings app, choosing General, then choosing Software Update.
FTC: We use income earning auto affiliate links. More.
Check out 9to5Mac on YouTube for more Apple news:
Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.
You can send tips, questions, and typos to [email protected].
Manage push notifications
Newsletters
- Our sponsors
- Watch Store
- Hot topics:
- Apple deals
- Apple rumors
- Editor’s picks
macOS users need to update to Safari 15.6.1 to close a security hole
By Ed Hardy • 7:00 am, August 19, 2022
A recent macOS Monterey update deals with a nasty security problem in WebKit. But Apple is aware many users don’t upgrade to the latest operating system versions, so it also released Safari 15.6.1. The web browser update allows anyone using older macOS versions to avoid the vulnerability.
The browser update is free and available now.
Safari 15.6.1 is available for macOS
A bug in Apple’s WebKit rendering engine discovered by a security researcher allows a malicious web page to execute code without users’ permission. Even worse, “Apple is aware of a report that this issue may have been actively exploited,” warns the Mac-maker.
As noted, the problem is fixed in the recent macOS Monterey 12.5.1 update . And now it also can be taken care of for computers still running macOS Big Sur or macOS Catalina, thanks to the standalone web browser update.
All that’s necessary is to install Safari 15.6.1 . Apple recommends all users of these older macOS versions do so.
The same security hole affected iPhone and iPad but it was removed by iOS 15.6.1 and iPadOS 15.6.1 , which have been available since Wednesday.
How to update Safari
To update Apple’s Mac web browser, click on the Apple menu then choose System Preferences > Software Update . The new Safari version should be there.
Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.
Cult of Mac Today
Our daily roundup of Apple news, reviews and how-tos. Plus the best Apple tweets, fun polls and inspiring Steve Jobs bons mots. Our readers say: "Love what you do" -- Christi Cardenas. "Absolutely love the content!" -- Harshita Arora. "Genuinely one of the highlights of my inbox" -- Lee Barnett.
The Weekender
The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.
Popular This Week
What we did not get at apple’s september event, today in apple history: first airpods revealed to the world, this tiny 3-way charger is the star of anker’s new maggo lineup, jony ive designs a jacket that uses magical magnets for buttons, apple ‘it’s glowtime’ event rumors: iphone 16 and more, this is when you can get ios 18, ipados 18 and watchos 11, plug this carplay streaming box into your car’s infotainment system [deals], apple watch series 10 gets major upgrade, catches up with ultra, iphone 16 brings refined design, snazzy new colors and a18 chip, expect to see iphone 16 and 16 plus in these 4 colors.
Apple releases Safari 15.6.1 with important security fix
Apple wants everyone to update, and update fast.
Apple has officially released Safari 15.6.1 to Mac users running macOS Big Sur and macOS Catalina.
The latest update, which brings some usual bug fixes and performance improvements to the browser, also fixes a major security vulnerability that Apple has confirmed was used in the wild.
The fix, which is for WebKit, is available for users running macOS Big Sur and macOS Catalina. It fixes an issue where "processing maliciously crafted web content may lead to arbitrary code execution."
The full details of the security fix are in the release notes and below:
- Available for: macOS Big Sur and macOS Catalina
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An out-of-bounds write issue was addressed with improved bounds checking.
- WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher
Apple fixed more than just Safari lately
Safari isn't the only piece of software that has been affected by the security vulnerability. iOS 15, iPadOS 15, and macOS Monterey were also affected by the issue and Apple released updates for all of them yesterday to patch the vulnerability.
In addition to addressing the WebKit security issue, those updates also addressed a security vulnerability at the kernel level where "an application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."
You can see all of the information about that security issue below:
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
- CVE-2022-32894: an anonymous researcher
So, if you are running any of these software versions, make sure you update right away so you are protected.
Joe Wituschek is a Contributor at iMore. With over ten years in the technology industry, one of them being at Apple, Joe now covers the company for the website. In addition to covering breaking news, Joe also writes editorials and reviews for a range of products. He fell in love with Apple products when he got an iPod nano for Christmas almost twenty years ago. Despite being considered a "heavy" user, he has always preferred the consumer-focused products like the MacBook Air, iPad mini, and iPhone 13 mini. He will fight to the death to keep a mini iPhone in the lineup. In his free time, Joe enjoys video games, movies, photography, running, and basically everything outdoors.
Apple's new "best AI PC" Mac ads take aim at Microsoft's Copilot+ machines
The iPhone 16 reveal is tomorrow, but details about Apple's next event have already leaked - including M4 Macs and new iPad models
AT&T reveals its iPhone 16 deals — get up to $1,000 off with an eligible trade-in
Most Popular
- 2 Don't worry, the Apple Watch Ultra 3 and Apple Watch SE 3 are both coming next year
- 3 Apple releases new firmware for AirPods Pro 2 with features for iOS 18
- 4 I might downgrade from my AirPods Pro 2 to the AirPods 4
- 5 A surprising new Beats product launched at Apple's latest event: iPhone 16 cases
Tips & Tricks
Troubleshooting, safari 15.6.1 for macos big sur and macos catalina released.
Apple has released Safari 15.6.1 with an important security fix for Macs running macOS Big Sur and macOS Catalina.
The Safari update includes the same security fixes that are available in macOS Monterey 12.5.1 update for Mac users running Monterey, and iOS 15.6.1 and iPadOS 15.6.1 for iPhone and iPad. The latest macOS Ventura beta also apparently includes the same security fix.
The security update is recommended for all Mac users running macOS Big Sur and macOS Catalina.
How to Get Safari 15.6.1 on MacOS Big Sur & Catalina
- Quit out of Safari
- From the Apple menu go to “System Preferences”
- Choose “Software Update”
- Choose to download and install Safari 15.6.1
Safari 15.6.1 is only available for MacOS Big Sur and MacOS Catalina. Mac users running MacOS Monterey will find macOS 12.5.1 available to download instead.
Mac users running earlier versions of MacOS system software won’t have a Safari update available, but can instead find protection by using a different web browser entirely, whether it’s Chrome, or Brave.
A description of the flaw on the Apple website is as follows https://support.apple.com/en-us/HT213414:
Safari 15.6.1 Released August 18, 2022 WebKit Available for: macOS Big Sur and macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher
Enjoy this tip? Subscribe to our newsletter!
Get more of our great Apple tips, tricks, and important news delivered to your inbox with the OSXDaily newsletter.
You have successfully joined our subscriber list.
Related articles:
- Get the macOS Big Sur Default Wallpapers
- Troubleshooting MacOS Catalina Problems
- How to Prepare for MacOS Big Sur
- MacOS Big Sur Announced with New UI – Screenshots & Features
Leave a Reply
Name (required)
Mail (will not be published) (required)
Subscribe to OSXDaily
- - Which Apple Watch Models Support WatchOS 11? Here’s the List
- - iPadOS 18 is Compatible with These iPads
- - iOS 18 is Compatible with These iPhone Models
- - MacOS Sequoia is Compatible with These Macs
- - Listen to Apple Podcasts on the Web
- - MacOS Sequoia 15 Release Candidate Available to Download Now
- - iOS 18 Release Candidate Available to Download Now
- - iPhone 16 & iPhone 16 Pro Announced with Faster Chips & Apple Intelligence Support
- - Apple Watch Series 10 with Thinner Design, Larger Screen, & Temperature Sensors, Announced
iPhone / iPad
- - iOS 18 Beta 8 Available to Download
- - iPhone 16 Expected to Debut at September 9 Apple Event
- - MacOS Sequoia 15 Beta 8 Available to Download
- - How to Run Llama LLM on Mac, Locally
- - MacOS Sequoia 15 Beta 7 Available for Testing
- - How to Recover an Unsaved PowerPoint on Mac
- - How to Uninstall VMWare Fusion on Mac
- - chronod on Mac – High CPU Use & Network Access Requests Explained
- - Why Are iPhone Videos Low Quality & Blurry When Sent to Android Users?
- - Fix brew Error “The arm64 architecture is required for this software” on Apple Silicon Mac
About OSXDaily | Contact Us | Privacy Policy | Sitemap
This website is unrelated to Apple Inc
All trademarks and copyrights on this website are property of their respective owners.
© 2024 OS X Daily. All Rights Reserved. Reproduction without explicit permission is prohibited.
Download: Safari 15.6.1 for Catalina and Big Sur Released
Apple has just released Safari 15.6.1 for macOS Catalina and macOS Big Sur with important fixes.
You Can Now Download Safari 15.6.1 Update with Extremely Important Security Fixes if You’re Using macOS Catalina or Big Sur
If you refuse to update to macOS Monterey, or your Mac simply does not support the latest version of Apple’s desktop operating system, there’s an important Safari update waiting for you.
Related Story Musician Turns An iPhone Ringtone In A Complete Song That You Will Listen To On Repeat
Bumped to version 15.6.1, this new update to Safari is available for both macOS Catalina and macOS Big Sur users. While this update does not add anything new to the web browser, it is an extremely important release since it introduces security fixes for a WebKit vulnerability.
According to Apple :
Available for: macOS Big Sur and macOS Catalina. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking.
If that completely phased you out, then let me put it in simple words - just update to Safari 15.6.1 in order to keep your online activity safe at all times. Staying on the latest version of any software at all is always a great idea.
In order to download the new update, all you have to do is go to System Preferences > Software Update . Just wait for the page to refresh, and the new update will show up in a bit. Install it whenever it shows up.
If you’ve set your Mac to automatically download and install updates, then the update should install within a day or two on its own. But of course, since Safari 15.6.1 is an extremely updated release, therefore it is a good idea to download and install it manually as quickly as possible.
Further Reading
Apple’s Second-Generation AR Headset To Be Available In Two Variants And Varying Prices
Foxconn To Mass Produce Apple’s Second-Generation AR Headset, Which Will Reportedly Be Much Cheaper
iOS 16.4 Beta Code References New “Compute Module” Device, Potentially Hinting At Mac Pro Or AR Headset
A17 Bionic, M3 SoCs To Be In Ample Supply As TSMC Said To Prep A 45,000-Wafer Output In March For Its 3nm Technology
Trending stories, samsung withdraws its personnel from its taylor plant located in texas due to 2nm gaa yields unable to improve beyond the 10-20 percent range, nvidia ceo says he can switch from tsmc if needed – outlines non ai $1 trillion market, grand theft auto vi is unlikely to run at 60 fps on playstation 5 pro if rockstar is targeting 30 fps on the base model, intel core ultra 200 “arrow lake” desktop cpu specs leak: core ultra 9 285k & ultra 7 265k with 250w mtp, ultra 5 245k at 159w, playstation 5 pro leaked benchmark reveals increased dynamic resolution range at max settings without pssr over base model, 8k option, pssr improvements.
Popular Discussions
Amd to hold “advancing ai” event at october 10: debut of instinct mi325x ai accelerator, 5th gen epyc cpus & much more, amd confirms its focusing on mainstream segment first with rdna 4 gpus in order to compete against nvidia, amd to integrate consumer & datacenters gpus into unified “udna” architecture, rdna & cdna coming to an end, amd preps replacement of agesa with opensil starting next-gen zen 6 “ryzen & epyc” families, intel core ultra 200 “arrow lake” desktop cpus listed at online retailers: 285k £471, 265k £327, 245k £250.
- Home New Posts Forum List Trending New Threads New Media Spy
- WikiPost Latest summaries Watched WikiPosts
- Support FAQ and Rules Contact Us
Apple Releases Safari 15.6.1 for macOS Big Sur and macOS Catalina With Important Security Fix
- Thread starter MacRumors
- Start date Aug 18, 2022
- Sort by reaction score
- News and Article Discussion
- MacRumors.com News Discussion
macrumors regular
- Aug 18, 2022
eatrains said: It's not Safari code, it's system-level WebKit code. Click to expand...
Kenjutsuz said: Exactly...20 minutes download. install add 10.. Click to expand...
Macaholic868
Macrumors 65816.
hagar said: Why? To get a million different configurations of devices in the wild, all having different versions of the OS and apps? What’s the benefit in having iOS 16.1, Safari 15.0.13, Music 12.1, etc. While someone else might have a variation on that. Each configuration introduces new issues and bugs making it very hard for Apple to maintain this. Now at least everybody is on the same version. The only downside I see with the current approach is that updates always require a reboot. Click to expand...
nvmls said: Sorry but echo chamber whispers say "5 min". Click to expand...
Macaholic868 said: Agreed. If you want that kind of granular OS control iOS has never been the OS that’s right for you. You know what you’re getting with iOS. A mobile operating system that’s a walled garden shipping with certain apps and components that you can’t remove along with tight integration into the Apple ecosystem. If that’s not your cup of tea go with Android or some other OS with more granular control. The same applies to MacOS as well. It is what it is and that’s a big part of the reason why it “just works” and is so easy to use for end users. Click to expand...
macrumors 603
Jumpthesnark
They're rolling it out. I'm on Big Sur and I opened the software update control panel. Nothing. Closed, reopened and it says Safari 15.6.1 is available. UPDATE: Took like 30 seconds for it to download new version, install and restart Safari.
It would be real smart if they updated older versions of safari as well. Hundreds of millions of users on older OS's way back to High Sierra for pro audio reasons and NVIDIA 3d rendering.
DocMultimedia
Macrumors 68000.
So is this for 10.14, 10.15, or something else. I really can't stand having to know the name of California cities and what they mean in terms of versions. I miss the days of sanity.
Am I the only one having issues with facebook after the update yesterday? I can't create a post in any of my groups. I also noticed when I like a comment the icon doesn't turn bold like it used to
macrumors 6502a
- Aug 19, 2022
Any love for Snow Leopard?
Steve121178
Saturn007 said: What about fixes for Mojave and earlier operating systems? I presume they're affected, too. Many of us have older Macs; many of us still use 32-bit apps -- e.g., Office 2011; many of us are aware that upgrading to a recent OS could render our Macs sluggish; etc. We spent good money in our day -- and keep spending it on newer computers -- but want to keep our older or even recent systems running securely! Click to expand...
macrumors 68020
DocMultimedia said: So is this for 10.14, 10.15, or something else. I really can't stand having to know the name of California cities and what they mean in terms of versions. I miss the days of sanity. Click to expand...
macrumors 68040
Apple discloses serious security vulnerabilities for iPhones, iPads and Macs
One thing I'll say for Apple, as glacially slow as they are at putting a USB C socket on an iPhone, they don't eff about when security vulnerabilities come to light.
George Dawes
As I do lots of digital banking I'm going to attempt to upgrade from mojave to monterey , that should be interesting .. What a hassle I just don't need - thx Apple ..
JosephAW said: No love for Mojave. Click to expand...
If they had an imac with a bigger screen say 27-32 i'd buy that pronto , but none of the current stuff does anything for me I bought an M1 mini but that's in the front room attached to a tv , might just get another of those if the update goes kaput ... ( backing up now ) ... gawd its taking ages
George Dawes said: If they had an imac with a bigger screen say 27-32 i'd buy that pronto , but none of the current stuff does anything for me I bought an M1 mini but that's in the front room attached to a tv , might just get another of those if the update goes kaput ... ( backing up now ) ... gawd its taking ages Click to expand...
multimania said: I'm sorely tempted by an iMac, but I would like an iMac with more GPU performance. I'm finding this so much w Apple these days, they never seem to have the spec I'd like for my use case. Click to expand...
Jordan Klein
lkrupp said: Quite simple, actually. If you are running Catalina or Big Sur and have Safari 15.6 installed the update will show up in System Preferences->Software Update. As you should well know by now there is NO standalone updater to download. Click to expand...
macrumors 6502
This vulnerability is FRONT PAGE news across every news website in the U.K. from the BBC to Sky News to Daily Mail and so on and so forth. Not a good look for Apple at all. They’ve dropped the ball, again.
Just updated mine. Is the security issue over exaggerated or serious? I mean I’m hearing people could have their devices locked or operated by a hacker because of the breach but then it says the event of that happening is unlikely ?
desslr said: This vulnerability is FRONT PAGE news across every news website in the U.K. from the BBC to Sky News to Daily Mail and so on and so forth. Not a good look for Apple at all. They’ve dropped the ball, again. Click to expand...
DD88 said: Just updated mine. Is the security issue over exaggerated or serious? I mean I’m hearing people could have their devices locked or operated by a hacker because of the breach but then it says the event of that happening is unlikely ? Click to expand...
mdnz said: Any love for Snow Leopard? Click to expand...
Safari 15.6.1
Apple has released Safari 15.6.1 for macOS 11 Big Sur and 10.15 Catalina with a patch for a serious WebKit vulnerability that has been exploited in the wild. We recommend updating right away using Software Update. (Free, various sizes, release notes , macOS 10.15+)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.
This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.
Comments About Safari 15.6.1
Notable replies.
Apple has released Safari 15.6.1 for macOS 11 Big Sur and 10.15 Catalina with a patch for a serious WebKit vulnerability that has been exploited in the wild.
Josh, this sentence has confused me for about 4 days. I presumed that Safari 15.6 would need updating on macOS 12.5 Monterey, but, apparently, that is not the case. I never realized that Safari could have a higher version number on earlier versions of the OS. I wish there had been an explicit statement that MacOS Monterey did not need to be updated. I kept pinging Software Update in system preferences – waiting for an update above Monterey 12.5 that never came. Perhaps I’m the only person on TidBITS who made this error; perhaps not.
That’s because it was included in the MacOS 12.5.1 update released a few days earlier. If you check the version of Safari after installing the release, you’ll notice that it’s 15.6.1, Also the release notes for the update refer to WebKit changes. Since WebKit is the base for Safari, it implies an updated Safari
It is usually quite common for updates for earlier OS’s to be released a few days after an update to the current OS. If required, those updates will provide equivalent security updates to those OS’s and other system components.
I see that 12.5.1 was released 6 days ago. However, Apple’s Software Update has #!$$ failed to provide me with that update – it says that 12.5 is the current OS. I have tried multiple times daily to get that update, but Apple ain’t serving it up to me:
I thought I was missing an update; you confirmed that. I guess I’ll have to contact Apple Support to find out why I’m not seeing the update. Thanks.
If you want to force the update, you can try using SilentKnight, downloaded from Eclectic Light Company:
SilentKnight 1.21
The documentation is included in the download. It can force Software Update to actually perform its function.
I logged in to a different user-id on my Mac (and I didn’t log in to my Apple ID account). I was instantly able to see macOS 12.5.1. I downloaded the image and installed it.
I had no idea that availability of new OS downloads could be influenced by one’s Apple ID. That’s pretty wonky. Apple support suggested that I log in to safe mode to try to download the image; I figured trying a different User ID would be a good idea. I expressed my distress to Apple that their servers wouldn’t show me the update when logged in with my Apple ID and suggested they bump that complaint to engineering.
I fondly hope this glitch is happening to very few people.
That does seem wrong—I wonder if it was an unrelated glitch that had either gone away or was cleared by logging out. Sometimes a restart is still a useful workaround too!
You’re absolutely right. I love/hate when a support tech asks me to reboot. This time, it was a good call. I consider myself a sophisticated user, and this completely threw me off. If lots of users are missing the zero-day Safari fix, that would be a bad thing.
My situation is different because it’s the App Store rather than Software Update, but maybe Apple uses similar routines out of sight of the user. I updated Numbers and Pages while logged into one account, and I keep getting bugged to install the same updates while logged into a different account on the same computer.
Join the discussion in the TidBITS Discourse forum
Participants.
About the security content of iOS 15.6.1 and iPadOS 15.6.1
This document describes the security content of iOS 15.6.1 and iPadOS 15.6.1.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
iOS 15.6.1 and iPadOS 15.6.1
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2022-32894: an anonymous researcher
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2022-32893: an anonymous researcher
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.
Related topics
Safari 15.6.1 Audit
Discover safari installations vulnerable to the latest zero-day vulnerability, safari 15.6.1 zero-days query, other reports in this category, edge 120 audit, firefox 124.0.1 and firefox esr 115.9.1 vulnerability audit, firefox 121 and firefox esr 115.6 audit, ready to get started you’ll be up and running in no time..
Explore all our features, free for 14 days.
Coming soon: Apple Event on 9/9 at 10 a.m. PT
> Learn more
> Add to your calendar
Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.
where do I download safari 15.6.1?
where do I download Safari 15.6.1?
MacBook Pro 15″, macOS 10.15
Posted on Dec 12, 2022 11:56 PM
Posted on Dec 13, 2022 8:20 AM
Safari is updated along with macOS. To learn how to do that, please read How to update the software on your Mac - Apple Support .
Similar questions
- Where can I download any version of Safari for windows? Where can I download any version of Safari for windows? 97 1
- How do I download Safari? How do I download the latest safari 409 1
- How do I get safari 14.0? How do I get safari 14.0? 162 1
Loading page content
Page content loaded
Dec 13, 2022 8:20 AM in response to tracefromca
Jan 9, 2023 1:03 AM in response to John Galt
Jan 9, 2023 1:04 AM in response to brovinlove
IMAGES
VIDEO
COMMENTS
Safari 15.6.1. Released August 18, 2022. WebKit. Available for: macOS Big Sur and macOS Catalina. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking.
Apple this week released iOS 15.6.1 and macOS Monterey 12.5.1, both with security enhancements. And to bring these security enhancements to even more users, the company today released Safari 15.6. ...
Apple today released Safari version 15.6.1 for the older macOS Big Sur and macOS Catalina operating systems. The update includes an important security fix for a WebKit vulnerability that could ...
August 18, 2022. 03:49 PM. 0. Apple has released Safari 15.6.1 for macOS Big Sur and Catalina to fix a zero-day vulnerability exploited in the wild to hack Macs. The zero-day patched today (CVE ...
Update to iOS 15.6.1 now. With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1. You can do so by heading to the ...
Safari 15.6.1 is available for macOS. A bug in Apple's WebKit rendering engine discovered by a security researcher allows a malicious web page to execute code without users' permission. Even ...
Apple has officially released Safari 15.6.1 to Mac users running macOS Big Sur and macOS Catalina. The latest update, which brings some usual bug fixes and performance improvements to the browser, also fixes a major security vulnerability that Apple has confirmed was used in the wild. The fix, which is for WebKit, is available for users running ...
Apple has released Safari 15.6.1 with an important security fix for Macs running macOS Big Sur and macOS Catalina. The Safari update includes the same security fixes that are available in macOS Monterey 12.5.1 update for Mac users running Monterey, and iOS 15.6.1 and iPadOS 15.6.1 for iPhone and iPad. The latest macOS Ventura beta also apparently includes the same security fix.
Apple has released iOS 15.6.1, along with a warning to update now, because it fixes two security holes already being used to attack iPhones. The first issue fixed in iOS 15.6.1 is a vulnerability ...
Hi, As per the title really. I have an early 2015 4GB / 128 GB Macbook Air running mcOS Catalina 10.15.7 and the most up to date version of Safari 15.6.1 that will run on Catalina. I've held off updating to Big Sur and Monterrey as I was worried be Air wouldn't be powerful enough to run them...
Safari 15.6. Released July 20, 2022. JavaScriptCore. Available for: macOS Big Sur and macOS Catalina. Impact: Processing web content may lead to arbitrary code execution. Description: The issue was addressed with improved bounds checks. WebKit Bugzilla: 241931.
Oct 17, 2023 5:49 PM in response to Lady_dash. Safari 15.6.1 would indicate you're using Safari on macOS Catalina. If your Mac can be upgraded, you should do that. If not, and if you are having trouble connecting to and using websites with your older version of Safari, try it with a newer third party browser that is still being updated to meet ...
If that completely phased you out, then let me put it in simple words - just update to Safari 15.6.1 in order to keep your online activity safe at all times. Staying on the latest version of any ...
What's the benefit in having iOS 16.1, Safari 15.0.13, Music 12.1, etc. While someone else might have a variation on that. Each configuration introduces new issues and bugs making it very hard for Apple to maintain this. Now at least everybody is on the same version.
About the security content of Safari 15.1. This document describes the security content of Safari 15.1. About Apple security updates. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.
That's because it was included in the MacOS 12.5.1 update released a few days earlier. If you check the version of Safari after installing the release, you'll notice that it's 15.6.1, Also the release notes for the update refer to WebKit changes. Since WebKit is the base for Safari, it implies an updated Safari
iOS 15.6.1 and iPadOS 15.6.1. Released August 17, 2022. Kernel. Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges.
Discover Safari Installations Vulnerable to The Latest Zero-Day Vulnerability In addition to an earlier update for macOS, iOS and iPadOS, Apple has also released a new version of Safari for macOS Big Sur and macOS Catalina. The update was released to fix a zero-day vulnerability, CVE-2022-32893. The vulnerability is an out-of-bounds write issue ...
Level 10. 470,943 points. Nov 1, 2023 1:20 PM in response to 4845Fl. To upgrade Safari from Safari 15.6.1 to a later version you would need to upgrade your Mac from macOS 10.15.7 to a later version. If you can't or don't want to upgrade, you may want to use a 3rd party internet browser that supports running their current version on your Mac.
John Galt. Level 10. 144,140 points. Posted on Dec 13, 2022 8:20 AM. Safari is updated along with macOS. To learn how to do that, please read How to update the software on your Mac - Apple Support. View in context. 3 replies.