Apple Safari

Note: The direct download link is currently unavailable. It is available in the OS X 10.11.6 release, as well as in the Apple Security Updates.

Apple Safari is Apple's web browser that comes with OS X El Capitan. Safari is faster and more energy efficient than other browsers, so sites are more responsive and your notebook battery lasts longer between charges. Built-in privacy features are stronger than ever. It works with iCloud to let you browse seamlessly across all your devices. And it gives you great ways to find and share your favorites. Put it all together, and no other browser offers such a rich web experience.

Note: Safari is available as part of the update to OS X 10.11.6, from Software Update on the Mac App Store, or as part of the Apple Security Updates.

New and Improved

• Adds support for Safari Extensions from the Mac App Store
• Displays HTML5 video whenever available for faster load times, better battery life, and stronger security
• Enhances security by running plug-ins only on Web sites you authorize
• Improves AutoFill and adds support for auto-filling information from any contact in Contacts
• Enhances the formatting in Reader view
• Remembers zoom level for each Web site users visit

Security Fixes

• Safari Reader
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting
  Description: Multiple validation issues were addressed through improved input sanitization.
• Safari Tabs
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Visiting a malicious website may lead to address bar spoofing
  Description: A state management issue existed in the handling of tab sessions. This issue was addressed through session state management.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Processing maliciously crafted web content may lead to arbitrary code execution
  Description: A parsing issue existed in the handling of error prototypes. This was addressed through improved validation.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Visiting a maliciously crafted website may leak sensitive data
  Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Processing maliciously crafted web content may lead to arbitrary code execution
  Description: Multiple memory corruption issues were addressed through improved memory handling.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: A malicious website may be able to access non-HTTP services
  Description: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a different HTTP protocol version.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: Processing maliciously crafted web content may lead to arbitrary code execution
  Description: Multiple memory corruption issues were addressed through improved state management.
• WebKit
  Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  Impact: An attacker in a privileged network position may be able to intercept and alter network traffic to applications using WKWebView with HTTPS
  Description: A certificate validation issue existed in the handling of WKWebView. This issue was addressed through improved validation.