Apple fixes Safari phishing hole

Apple Computer has released a number of security patches to address phishing, denial of service and buffer overflow...

Apple Computer has released a number of security patches to address phishing, denial of service and buffer overflow vulnerabilities in its Mac operating system for clients and servers.

The monthly security update includes a patch to prevent phishing attacks via Apple’s Safari browser.

This vulnerability is caused by the browser’s support for the Internationalized Domain Name (IDN) protocol, which is designed to make it easier for users to jump from one international website to another by allowing the browser to easily recognise foreign characters.

Phishing scammers have used the protocol to trick users into thinking they are viewing a trusted site when they are not.

Apple says it has closed this security hole with the Safari patch, following the likes of Mozilla and Opera, which have done the same with their patches.

Microsoft’s Internet Explorer does not support IDN so is not affected by the vulnerability.

The patches can be downloaded from:



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.




  • Passive Python Network Mapping

    In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against ...

  • Protecting Patient Information

    In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data ...

  • Mobile Security and Privacy

    In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity ...