Return to site

Safari Private Browsing El Capitan

broken image


Much like Safari, Mail may be using extensions that El Capitan doesn't care for. Go to the Mail Menu, go to Preferences, and select Extensions. Uncheck all your extensions and relaunch to see if. If you're interested in a similar overview covering Safari on iOS, check out this guide. This guide assumes you are using the latest public release of OS X El Capitan (10.11.6 as of initial writing), which you can check by clicking the symbol in the menu bar at the top left. Safari is the web browser installed with OS X El Capitan. If you don't care for Safari, check out Firefox or Chrome, which are both free browsers and have features you won't find in Safari. It never hurts to have a spare in case Safari has issues with a particular website. Note: OS X El Capitan v10.11 includes the security content of Safari 9. Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement.

Freeware
macOS
63.9 MB
110,884

The best browser for your Mac is the one that comes with your Mac. Safari is faster and more energy efficient than other browsers, so sites are more responsive and your notebook battery lasts longer between charges. Built-in privacy features are stronger than ever. It works with iCloud to let you browse seamlessly across all your devices. Ps4 open source. And it gives you great ways to find and share your favorites. Put it all together, and no other browser offers such a rich web experience.

Other download links:

What's New:

Safari 14.0 introduces new features, even faster performance, and improved security.

  • New tab bar design shows more tabs on screen and displays favicons by default
  • Customizable start page allows you to set a background image and add new sections
  • Privacy Report shows cross-site trackers that are being blocked by Intelligent Tracking Prevention
  • Removes support for Adobe Flash for improved security

Longer battery life and faster performance.

With a blazing-fast JavaScript engine and energy-saving technologies, Safari is a faster, more enjoyable way to explore the web.

Browse longer. Watch more.

Safari is engineered specifically for Mac, so it takes advantage of the powerful technologies built into every one. And Safari now offers native support for Netflix. So compared with Chrome and Firefox, you can browse for up to two hours longer and watch Netflix videos up to three hours longer.

Faster than Chrome and Firefox.

Browsing with Safari is blazing fast thanks to advanced JavaScript engine optimizations that make websites and web applications feel snappier.

Defending your online privacy and security.

Privacy and security aren't just something you should hope for — they're something you should expect. That's why features to help protect your privacy and keep your Mac secure are built into Safari. For example, it's the only browser to offer DuckDuckGo — a search engine that doesn't track you — as a built-in option.

Surf seamlessly across all your devices.

Not only does Safari come on every Mac, it comes on every iPhone, iPad, and iPod touch, too. And thanks to iCloud, your passwords, bookmarks, history, tabs, and Reading List are always up to date no matter which device you're using.

Discover something great. Then share it just as easily.

Safari makes it simple to find and enjoy the best of the web. And we've made it easy to share what you find with others.

Spotlight suggestions.

With Spotlight built into every Mac, you're never far from the information you want. As you type in the Smart Search field, Spotlight suggestions display results from sources like Wikipedia, news sites, Maps, iTunes, movie listings, and more.

Share menu.

Share anything you come across on the web without leaving Safari. Just click the Share button, then choose how you want to send it off. Use Mail, Messages, or AirDrop. Tweet or post to Facebook. And even add comments and locations. A single sign-on sets up sharing to Facebook and Twitter, so you only need to log in once.

Shared Links.

Shared Links is the best way to see what's up on the web. When you're in the mood to read something new, quirky, or cool, open Shared Links in the Safari Sidebar, where you can view links from people you follow on Twitter and LinkedIn. You can scroll seamlessly from one story to the next, no clicking required.

What's New:

General

New Features

  • Added Desktop-class Browsing to Safari for iPad. Safari for iPad displays the same desktop websites as Safari for macOS, and provides the same capabilities. In addition it has more keyboard shortcuts, a download manager with background downloads, and support for top productivity websites.
  • Added opt-in dark mode support for websites in Safari for iOS.
  • Added support for aborting Fetch requests.

Authentication and Passwords

New Features

  • Updated Safari to prompt the user to change weak passwords when signing into a website. Requesting a password change uses the well-known URL for changing passwords, enabling websites to specify the page to open for updating a password.
  • Added support for FIDO2-compliant USB security keys with the Web Authentication standard in Safari on macOS.
  • Added support for Sign in With Apple to Safari and to WKWebView.

Security and Privacy

New Features

  • Added a permission API on iOS for DeviceMotionEvent and DeviceOrientationEvent.
  • Changed the behavior for third party iframes to prevent them automatically navigating the page.
  • Updated Intelligent Tracking Prevention to prevent cross-site tracking through referrer and through link decoration.
  • Improved the privacy of local WebRTC data connections with mDNS ICE candidates.
  • Increased the security for WebKit sandboxes on iOS and macOS.

Layout and Rendering

New Features

  • Added support for one-finger accelerated scrolling to all frames and overflow:scrollelements eliminating the need to set-webkit-overflow-scrolling: touch.
  • Changed the default behavior on iPad for wide web pages with responsive meta-tags that require horizontal scrolling. Pages are scaled to prevent horizontal scrolling and any text is resized to preserve legibility.
  • Added support for CSS conic gradients.

Performance

New Features

  • Reduced the initial rendering time for webpages on iOS.
  • Added automatic support for Fast Tap to desktop websites on iPad.
  • Reduced load time up to 50% for webpages on watchOS.
  • Reduced the amount of memory used by JavaScript, including for non-web clients.
  • Improved the MotionMark graphics performance benchmark score by 10%.

Web API

New Features

  • Added support for the __Secure- and __Host- cookie prefixes in beta 3.
  • Improved iPad hardware keyboard support for websites including focus navigation and scrolling with the arrow keys.
  • Added support for the Pointer Events API enabling consistent access to mouse, trackpad, touch, and Apple Pencil events.
  • Added support for the Visual Viewport API for adjusting web content to avoid overlays, such as the onscreen keyboard.
  • Added support for programmatic paste with user consent to Safari for iOS.
  • Updated editing callouts to avoid in-page controls.
  • Added intelligent whitespace to editable WebViews and editable areas of webpages.

Payment Request API

New Features

  • Added support for Apple Pay on the Web to WKWebView. Note that using script injection APIs, such as WKUserScript or evaluateJavaScript(_:completionHandler:)disables Apple Pay for that view.

Media

New Features

  • Added support for the decodingInfo() method of the Media Capabilities API for checking supported codecs, efficiently supported codecs, and optional codec features including alpha.
  • Added the ability to Safari for macOS to share your screen with others using only web technologies. Plug-ins are no longer required.
  • Updated Safari for iPad to support Media Source Extensions.
  • Added support for the navigator.mediaDevices property of the Media Capture and Streams API to SFSafariViewController.

Resolved Issues

  • Transparency in video with an alpha channel now works correctly for all supported video formats.
  • Safari App Extension API

New Features

  • Added an API for page navigation notifications.
  • Added support for associated Safari App Extensions receiving blocked content notifications from Content Blocker Safari Extensions.

Web Inspector and Tools

New Features

  • Added Safari WebDriver to iOS.
  • Added importing and exporting of recorded timeline data.
  • Added the CPU Usage Timeline for analyzing and improving the power efficiency of websites.
  • Added the Audit tab for running tests against web content including a built-in accessibility audit, importing and exporting results, and creating custom audits.
  • Added the Changes sidebar in the Elements tab to track CSS changes in the Styles sidebar.
  • Added the Device Settings menu to override developer-related Safari settings when Web Inspector is connected to an iOS device.
  • Added a Security tab to the resources view of the Network tab to review certificates and TLS settings.
  • Increased the performance of Web Inspector for large sites.

Removed Features

  • Removed support for WebSQL.
  • Removed support for Legacy Safari Extensions.
  • Disabled -webkit-overflow-scrolling: touch on iPad. All frames and scrollable overflow areas now use accelerated one-finger scrolling without changing stacking.
  • Disabled frame flattening on iOS. Frames now render in the same way as a desktop browser.

AuthenticationServices Framework

New Features

  • Added ASAuthorizationController to implement Sign In with Apple and to use a system-provided sign-in account picker for accounts stored in iCloud Keychain.
  • Added ASWebAuthenticationSession to the SDK for macOS.
  • Added support for using web browsers other than Safari to ASWebAuthenticationSession on macOS. For more information, see ASWebAuthenticationSessionWebBrowserSessionManager.

Software similar to Safari Browser for Mac 4

  • 121 votes
    Opera GX is a special version of the Opera browser built specifically to complement gaming. The browser includes unique features to help you get the most out of both gaming and browsing.
    • Freeware
    • Windows/macOS
  • 28 votes
    Bringing together all kinds of awesomeness to make browsing better for you.
    • Freeware
    • macOS
  • 30 votes
    Chrome combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
    • Freeware
    • macOS

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Safari private browsing el capitan safari

Apple security documents reference vulnerabilities by CVE-ID when possible.

Safari 11.1

Released March 29, 2018

Safari

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Visiting a malicious website may lead to address bar spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4102: Kai Zhao of 3H security team

CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab (tencent.com)

Safari Downloads

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: In Private Browsing, some downloads were not removed from the downloads list

Description: An information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.

Update Safari El Capitan

CVE-2018-4186: an anonymous researcher

Entry added May 2, 2018

Safari Login AutoFill

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction.

Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed with improved autofill heuristics.

CVE-2018-4137

Entry updated November 16, 2018

Ms excel macro programming. WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab

CVE-2018-4114: found by OSS-Fuzz

CVE-2018-4118: Jun Kokatsu (@shhnjk)

CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

CVE-2018-4121: Natalie Silvanovich of Google Project Zero

CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4128: Zach Markley

CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative

CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative

CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative Ipad format tool.

CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

CVE-2018-4133: Anton Lopanitsyn of Wallarm, Linus Särud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction with indexing types causing an ASSERT failure

Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks.

CVE-2018-4113: found by OSS-Fuzz

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to a denial of service

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4146: found by OSS-Fuzz

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: A malicious website may exfiltrate data cross-origin

Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation.

CVE-2018-4117: an anonymous researcher, an anonymous researcher

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4207: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4208: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Update safari el capitan

Apple security documents reference vulnerabilities by CVE-ID when possible.

Safari 11.1

Released March 29, 2018

Safari

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Visiting a malicious website may lead to address bar spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2018-4102: Kai Zhao of 3H security team

CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab (tencent.com)

Safari Downloads

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: In Private Browsing, some downloads were not removed from the downloads list

Description: An information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.

Update Safari El Capitan

CVE-2018-4186: an anonymous researcher

Entry added May 2, 2018

Safari Login AutoFill

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction.

Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed with improved autofill heuristics.

CVE-2018-4137

Entry updated November 16, 2018

Ms excel macro programming. WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab

CVE-2018-4114: found by OSS-Fuzz

CVE-2018-4118: Jun Kokatsu (@shhnjk)

CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

CVE-2018-4121: Natalie Silvanovich of Google Project Zero

CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative

CVE-2018-4128: Zach Markley

CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative

CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative

CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative Ipad format tool.

CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative

CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

CVE-2018-4133: Anton Lopanitsyn of Wallarm, Linus Särud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction with indexing types causing an ASSERT failure

Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks.

CVE-2018-4113: found by OSS-Fuzz

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to a denial of service

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4146: found by OSS-Fuzz

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: A malicious website may exfiltrate data cross-origin

Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation.

CVE-2018-4117: an anonymous researcher, an anonymous researcher

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4207: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4208: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4209: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction with indexing types caused a failure

Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.

CVE-2018-4210: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Safari Private Browsing El Capitan Mac Os

Description: This issue was addressed with improved checks.

CVE-2018-4212: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Unexpected interaction causes an ASSERT failure

Description: This issue was addressed with improved checks.

CVE-2018-4213: found by OSS-Fuzz

Entry added May 2, 2018

WebKit

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4145: found by OSS-Fuzz

Entry added October 18, 2018

Additional recognition

WebKit

We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance.





broken image