Apple Patches Safari for Flaws in WebKit Rendering Engine
Even though Google now uses its own Blink Web rendering engine, it is still heavily contributing to Apple WebKit security.Apple updated its Safari Web browser this week, thanks in no small part to the efforts of Google. The Safari 7.0.3 and 6.1.3 browsers were both released by Apple on April 1 for Mac OS X users. In total, the browser updates provide fixes for 27 vulnerabilities, with the Google Chrome Security Team reporting 16 of them. All the vulnerabilities fixed in the Safari update are within the WebKit rendering engine. Until April 2013, the open-source WebKit was also the rendering engine used by Google to power its Chrome Web browser. Google decided a year ago to fork WebKit into its own rendering engine, known as Blink. At the time, there was some speculation that Google's forking the WebKit would potentially leave Safari security at risk. Google has long been a key contributor of research and bug fixes to WebKit, benefiting both Safari and Chrome users. As it turns out, even though Blink is a code fork, it still relies on elements of the WebKit engine and Google still has a need to patch those elements, which also impacts Safari.
All the WebKit issues reported in the Safari update are memory-related issues.