Carnegie Mellon University School of Computer Science
May 10, 2021

macOS Critical Safari Vulnerability - Update Now

Safari Web Browser Affected

This event is: Ongoing

Safari memory corruption issue. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)

PLATFORMS AFFECTED:
Update/Patch Available: Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), macOS Big Sur 11.2.3.

CRITICAL IMPACT:

Processing maliciously crafted web content may lead to arbitrary code execution.

Active exploits have been reported in the wild for two Safari 14 vulnerabilities for macOS Mojave through Big Sur.  Safari version 14.1 patches these vulnerabilities. To patch these security flaws, please install the most recent updates via Apple Software Update. 

WHAT YOU HAVE TO DO:

Install Software Updates in Mojave or Catalina

BEFORE YOU PROCEED: If you are currently using macOS Mojave or Catalina, ensure you are only installing security updates via the “More Info” link (see screenshot in second step below) to avoid a full macOS version upgrade. The “Upgrade Now” button will upgrade a Mac to macOS Big Sur if you wish to do so.

screenshot of open apple menu selecting the option: about this mac

  • Click on the Apple menu on the menubar.
  • Click “About this Mac".
  • Click the “Software Update” button. 

 

 

macos-safari-vulnerability-moreinfo.pngATTENTION Mojave and Catalina users: If you do not want to upgrade your full system, you can choose to install only security updates by clicking the “More info” link. 

This will avoid a full macOS update. If you are certain you want to upgrade your macOS to the latest version you can click the “Upgrade Now” button to begin the upgrade.

list of available updates with button to install now highlighted

  • Ensure the appropriate Safari update is selected (check boxes). 
  • Select other available updates if desired. 
  • Click 'Install Now' to begin the update process. 

Install Software Updates in Big Sur

Big Sur users can expect to see the screen below.

big sur's update now screen

  • Click on the Apple menu on the menubar.
  • Click “About this Mac".
  • Click the “Software Update” button. 
  • Click "Update Now". 

Please Note: Safari 14.1 is a standalone update for Mojave and Catalina whereas for Big Sur it is included in macOS Big Sur update 11.3.1.