Windows Safari beta riddled with security holes

— 12:06 PM on June 12, 2007

Apple loves to gloat about the viruses and security holes that frequently hit Windows software, but with its newly-released Safari browser beta for Microsoft's operating system, the iPod maker certainly isn't setting a good example. As CNet reports, security researchers managed to find security holes in the Windows version of Safari within hours of the browser's release.

One vulnerability, which was uncovered by researcher Aviv Raff in just a few minutes using publicly available software, is a memory corruption error that could be exploited to allow the execution of malicious code. Security researchers David Maynor and Thor Larholm, too, found bugs. In a blog entry, Maynor explains, "I'd like to note that we found a totl [sic] of 6 bugs in an afternoon, 4 DoS and 2 remote code execution bugs. We have weaponized one of those to be reliable and its diffrent [sic] that what Thor has found."

The researchers don't say whether the bugs also affect the MacOS X version of Safari, but this certainly doesn't bode well for Apple's first effort in the Windows browser world—as much as Apple might boast that its engineers "designed Safari to be secure from day one."

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.