Safari on Windows ventures into first security flaw

By

Researcher blows up Apple's security claims.

Safari on Windows ventures into first security flaw
Security researcher Aviv Raff claims to have found a first security vulnerability in Apple's Safari browser on Windows only hours after the software was released.

Raff tested the application against a standard browser security testing tool.

"A first glance at the debugger showed me that this memory corruption might be exploitable. Although, I'll have to dig more to be sure of that," he wrote on his blog.

Apple on Monday unveiled a beta of a Windows version of its Safari web browser. The final product is scheduled for release in October.

In a keynote presentation at Apple's World Wide Developer Conference in San Francisco, chief executive Steve Jobs touted that the browser would up to twice as fast as Microsoft's Internet Explorer, but didn't mention Internet Explorer's security record.

Apple lists the browser's security as one of twelve reasons as to "Why you'll love Safari" and adds that "Apple engineers designed Safari to be secure from day one."

Raff earlier this year worked on the "Month of Apple bugs", during which researchers published details on a slew of vulnerabilities in the Apple software. It was intended to challenge Apple's security record. He took the company's boasting about Safari's security as a personal challenge.

"So, I've decided to take it for a test drive and ran Hamachi. I wasn't surprised to get a nice crash few minutes later...," he wrote. Hamachi is a tool that tests a browser's integrity.

"Don't you hate those pathetic claims?" he flamed in the closing of his post in reference to Apple's marketing speak.

Apple didn't immediately respond to a request for comment.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
firstflawintoonsafarisecurityventureswindows

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?