Feeds

back to article Code-execution bug found in Apple Safari

The latest version of Apple's Safari browser contains a critical bug that allows attackers to install malware on end user machines, security researchers have warned. The flaw in the way Safari handles parent windows can be exploited "to execute arbitrary code when a user visits a specially-crafted webpage and closes opened pop- …

COMMENTS

This topic is closed for new posts.

This post has been deleted by its author

Wha...?

"The US Computer Emergency Readiness Team" BooYaaahhh!

They really love this shit those yanks, don't they?

3
1
Silver badge

"The US Computer Emergency Readiness Team"

Sounds like something from a Tom Clancy novel.

3
1
Coat

boorah

*kshht*Tango Down*kshht*

*kssh*Good kill, Good kill, over*kshht*

3
0
Stop

Not only the yanks...

Since when are the yanks the only ones to have a CERT?

http://en.wikipedia.org/wiki/Computer_emergency_response_team

0
0
Bronze badge

You really haven't heard of US-CERT before?

Did you just get a computer for your birthday, sonny?

You'll hear a lot more about them. Get ready.

1
0

The sky is falling.

But, but, but, there's no viruses on Apple stuff?

Everyone knows that.

1
2
Anonymous Coward

Eh?

Who said anything about viruses? Appart from you, that is.

1
0
Gates Horns

RE: The sky is falling.

It's only been confirmed on the Windows version.

I'll bet I know why...

1
1
FAIL

C,C++

"Industry Standard" is probably the reason for this.

0
0
Anonymous Coward

Gosh!

A browser with a security vulnerability? Who'd have thought it?

0
0
Gold badge
Joke

Safari:

Noun: Holiday. Specifically one where you go somewhere exciting, see lots of interesting things and also quite probably catch something nasty. You may also get badly burned and regret it.

See also: Sun lotion, Montezuma's revenge.

2
0
Joke

Explorer

Someone who scouts things out and takes all the risks that those who later go there on a "holiday" then know how to avoid...

0
0
Silver badge

Whoops!

I 'spose you mean "Moctezuma's Revenge" ;)

Safari is also an adventure that sometimes ends up with you being eaten by lions. Whoopee!!

0
0
Flame

So...

So you have to disbable JavaScript, and Flash crashes (aledgerly) - how do you use Web 2.0 now Mactards ?

2
4
FAIL

@Tom Chiverton 1

"So you have to disbable JavaScript, and Flash crashes (aledgerly) - how do you use Web 2.0 now Mactards ?"

A lot more smoothly and safely than the Wintards.

You may have noticed that this defect affects the Windows version of Safari...

2
0
Anonymous Coward

Can they work on something for Linux now?

I'm sure if all the Windows users chipped in together, there would be a nice cash incentives to shut the rest of the smug bastards up.

0
0
Anonymous Coward

Windows Safari

I'll bet 10p that this doesn't affect Safari on OSX.

Even if it did, most of us browse with the "Block Pop-Up Windows" option turned on...

1
1
Grenade

@Tom, @AC

So yeah Safari (on WINDOWS) has a problem that MIGHT affect Macs. Read the article. Anyway it's a BROWSER issue, not an OS issue. Get your facts right.

0
1
FAIL

RE: Apple Bashing

Predicatably the MS defenders have crawled out of the woodwork again. Every vulnerability reported in an Apple or Mozilla product draws them out.

Guys, a vulnerability in a browser is hardly uncommon is it? IE has, after all, had more than it's fair share. It's hardly the end of the world for Apple or Safari because one vulnerability has been found - there have been several others.

Notice something about this vulnerability? It only effects Windows. And that AV vulnerability reported yesterday? That is effectively a Windows problem too. The message MS and their fanboys should be taking home from this: Windows is inherently insecure.

1
0
Anonymous Coward

letters and/or digits

"Predicatably the MS defenders have crawled out of the woodwork again. Every vulnerability reported in an Apple or Mozilla product draws them out."

Likewise for every Windows flaw.

0
0
Linux

WebKit/Safari/Camino Mac OS X Results

WebKit and Safari both display the text dump of the file.

Camino Downloads the file.

After expanding the rar file, and opening it (default to webkit)

I do have to end task.

So, it's a vulnerability for one web browser that you have to download with a different engine based browser?

Penguin, because browsing text mode only in lynx is the only way to be sure...

0
0
This topic is closed for new posts.