Apple released Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Tuesday, releases that patch many memory issues, included memory corruption. The updates also address an issue that could allow malicious hackers to disguise a URL.
Apple's patch notes:
Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
WebKit
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.CVE-ID
- CVE-2015-1068 : Apple
- CVE-2015-1069 : Apple
- CVE-2015-1070 : Apple
- CVE-2015-1071 : Apple
- CVE-2015-1072
- CVE-2015-1073 : Apple
- CVE-2015-1074 : Apple
- CVE-2015-1075 : Google Chrome Security team
- CVE-2015-1076
- CVE-2015-1077 : Apple
- CVE-2015-1078 : Apple
- CVE-2015-1079 : Apple
- CVE-2015-1080 : Apple
- CVE-2015-1081 : Apple
- CVE-2015-1082 : Apple
- CVE-2015-1083 : Apple
WebKit
Impact: Inconsistent user interface may prevent users from discerning a phishing attack
Description: A user interface inconsistency existed in Safari that allowed an attacker to misrepresent the URL. This issue was addressed through improved user interface consistency checks.CVE-ID
- CVE-2015-1084 : Apple
You can download the update for your version of OS X through the Mac App Store.