About Apple security updates
- Safari 11.1.2 For El Capitan 8
- Safari 11.1.2 For El Capitan Download
- Download El Capitan
- El Capitan Safari Tents
- Safari 11.1.2 For El Capitan Version
Mar 26, 2020 Sign in With Apple account to Safari now supported; New Changes sidebar in the Elements tab; Added the Device Settings menu; New Security tab in the resources view; Safari Developer Tools; Pay with Apple Pay; Customizable RSS feeds; Safari Editions. Mojave 13.0.1; High Sierra 13.0.1; Sierra 12.1.2; El Capitan 11.1.2; Yosemite 10.1.2. Safari 11 as a separate download is only available for Sierra and El Capitan. Safari 11 is included by default in macOS High Sierra 10.13, which is due for widespread public release for Mac users on September 25. Separately, Apple has also released iOS 11 update for iPhone and iPad, along with tvOS 11 for Apple TV and watchOS 4 for Apple Watch. Download Safari 10.1.2 (El Capitan) for Mac from FileHorse. 100% Safe and Secure Fastest web browser for Mac from Apple.
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.
Safari 11.1.2
Released July 9, 2018
Safari
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2018-4279: Ruilin Yang, Xu Taoyu (xia0yu.win) https://skyeysystems614.weebly.com/macos-asking-for-gmail-password.html.
CVE-2018-4362: Jun Kokatsu (@shhnjk)
Entry updated October 30, 2018
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Samsung internet for macos.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2018-4270: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: A malicious website may exfiltrate audio data cross-origin
Description: Sound fetched through audio elements may be exfiltrated cross-origin. https://skyeysystems614.weebly.com/download-cool-widgets-for-macos-2017.html. This issue was addressed with improved audio taint tracking.
CVE-2018-4278: Jun Kokatsu (@shhnjk)
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A type confusion issue was addressed with improved memory handling.
CVE-2018-4284: found by OSS-Fuzz
Entry updated October 30, 2018
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Safari 11.1.2 For El Capitan 8
Impact: A malicious website may be able to cause a denial of service
Description: A race condition was addressed with additional validation.
CVE-2018-4266: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative
![Download Download](/uploads/1/2/6/5/126568003/470345668.png)
CVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative
CVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab
CVE-2018-4265: cc working with Trend Micro's Zero Day Initiative
CVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative
CVE-2018-4272: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: Multiple memory corruption issues were addressed with improved input validation.
https://skyeysystems614.weebly.com/canon-utilities-for-mac-yosemite.html. CVE-2018-4271: found by OSS-Fuzz
CVE-2018-4273: found by OSS-Fuzz
WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
CVE-2018-4274: Tomasz Bojarski
Safari 11.1.2 For El Capitan Download
Entry updated October 30, 2018
WebKit Page Loading
Download El Capitan
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6
El Capitan Safari Tents
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with improved state management.
Safari 11.1.2 For El Capitan Version
CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)