Apple loves to gloat about the viruses and security holes that frequently hit Windows software, but with its newly-released Safari browser beta for Microsoft's operating system, the iPod maker certainly isn't setting a good example. As CNet reports, security researchers managed to find security holes in the Windows version of Safari within hours of the browser's release.
One vulnerability, which was uncovered by researcher Aviv Raff in just a few minutes using publicly available software, is a memory corruption error that could be exploited to allow the execution of malicious code. Security researchers David Maynor and Thor Larholm, too, found bugs. In a blog entry, Maynor explains, "I'd like to note that we found a totl [sic] of 6 bugs in an afternoon, 4 DoS and 2 remote code execution bugs. We have weaponized one of those to be reliable and its diffrent [sic] that what Thor has found."
The researchers don't say whether the bugs also affect the MacOS X version of Safari, but this certainly doesn't bode well for Apple's first effort in the Windows browser world—as much as Apple might boast that its engineers "designed Safari to be secure from day one."
- Apple: Mac users should run anti-virus software[148]
- Poll: How will the Phenom II do against the competition?[112]
- AMD's 'Shanghai' 45nm Opterons[111]
- Core i7 beats Intel IGP in DirectX 10 software rasterizer[77]
- Vista Service Pack 2 to go gold in April?[70]
- Gabe Newell trash-talks gaming DRM[63]
- HP's LP2475w monitor: IPS at a bargain price[63]
- Left 4 Dead Patched: Dedicated Server Searching, Difficulty Settings Addressed
- Evening Reading
- Rock Band Country Music Pack Coming Dec. 16
- PlayStation Store Update: Free Qore, Tons of DLC, Super Stardust PSP and Everyday Shooter PSP
- C&C: Red Alert 3 Patch v1.05, World Builder Released; Includes DRM De-Authorization Tool