Safari has a vulnerability (CVE-2023-23529) which with one click of a link allows a hacker full control of your Mac or iOS. The quick fix is to upgrade Safari to version 16.3.1.
The challenge is Apple aren’t open with their vulnerabilities like Chrome and Firefox so there isn’t an easy way to compare the number or severity of vulnerabilities between Safari, Chrome and Firefox.
We know all browsers suffer major vulnerabilities the question is how secure is the browser code design, how often does it occur and how quick is it fixed.
Firefox built rust (a memory secure language) to make their browser secure and the reduced number of vulnerabilities show the results. Chrome has built are army of fuzzers to find vulnerabilities and paying large bounties and this shows in the higher number of vulnerabilities found found before evidence is found of them being in use by Cyber Attackers in the wild. Yet for Safari we consistently see critical vulnerabilities such as CVE-2023-23529 and six month ago with CVE-2022-32894 (https://support.apple.com/en-us/HT213413) which were actively used by Cyber attackers.
On the iOS, Apple mandates their browser processing engine (webkit) and forces Chrome and Firefox to use the same browser processing engine so on iOS they are also vulnerable and the only way to fix this is by Upgrading.
So where possible uninstall, upgrade or avoid using Safari.
Vertex Cyber Security provides Cyber Security Services to businesses that want peace of mind with their Cyber Protection. Contact Vertex if you want any help with Cyber Security.
