Security

Apple patches critical Safari holes

  • Email a Friend
  • Print Page
Related Articles
Breaking Stories
By Shaun Nichols
Apr 18, 2008 7:15 AM
Tags: Apple | patches | critical | Safari | holes

Apple has patched four security vulnerabilities in Safari affecting the Mac OS X and Windows versions of the web browser..

The vulnerabilities range from cross-site scripting to remote code execution.

For Windows XP and Vista users, the update addresses four flaws. Two of the vulnerabilities, a memory overflow error in the browser itself and a buffer overflow in the JavaScript component, could be exploited by an attacker to remotely install and execute malware on a target system.

Another flaw in the browser could allow for a URL to be displayed without the page itself being loaded. Apple warned that this could be exploited by an attacker to spoof legitimate sites by displaying normal URLs with forged web pages.

The fourth vulnerability is a flaw in the browser's WebKit component. An attacker could use a malformed URL to exploit the vulnerability and perform a cross-site scripting attack.

Mac users will receive updates for just two of the four flaws. Apple patched the JavaScript remote code execution flaw as well as the cross-site scripting vulnerability in the OS X version of the Safari patch.

Users can download the Safari update through Apple's Software Update application or from the company's Safari download site.

Copyright © 2009 vnunet.com

 
Comments

Be the first to comment on this article.
Thoughts on this article? Add a comment below.
Comment:
Want to participate in the discussion?
Or log in now to comment
 
 
Top Stories
Conroy opens NBNCo regulation debate
Conroy opens NBNCo regulation debate
Part two of the regulatory reforms paper.
 
Utilities wise up to smart grids
Utilities wise up to smart grids
Power to the people?
 
Sydney Water turned off wrong pipe
Sydney Water turned off wrong pipe
Admits error with Macquarie Telecom data centre.
 
Exclusive Data Centre - Sponsored Content by Microsoft

Spotlightthe topics we're following

Latest Comments

"I turn bluetooth off on my mobile to save the battery. Looks like now I've got another reason. "
by Slatts Jul 4, 2009 1:09 PM
 
"I'm kind of assuming that the water was used in water cooled condensers for the air-conditioning...."
by Slatts Jul 2, 2009 8:54 PM
 
"Why do we have to listen to Nick Minchin's comments? He is just about irrelevant in his opinions ..."
by ngo Jul 2, 2009 8:35 PM
 
" It's not very surprising that the Chinese junta still wants to impose the 'Green Dam - Youth ..."
by anonymous Jul 2, 2009 3:49 PM
 
"I would suggest for anyone wanting to join in the BOINC projects such as SETI@home, World ..."
by wolfgang8741 Jul 2, 2009 5:37 AM

Polls

What will you do when your iPhone contract comes up for renewal?
   |   View results
Retain my current service provider
  11%
 
Switch to a cheaper plan
  18%
 
Switch to a better network
  17%
 
Switch to whoever offers free tethering
  18%
 
Change handset altogether
  36%
TOTAL VOTES: 192

Vote
view previous polls »

Popular Tags

apple browser company critical fixes holes iphone ipod issues jobs macbook microsoft patch patches safari security store update updates windows