Safari and Firefox updates plug critical holes Tuesday marked a busy day for alternative browser security updates with patches from both Apple and Mozilla. An update to Apple's Safari browser resolves three vulnerabilities for Windows and two for OS X. One of the flaws is particular to Windows while the other two involve Safari's WebKit engine and affect both Mac and Win …
The security update suggests that extensions have been given a secure (sic) connection.
However, one of these extensions still breaks the https page status - green EVC text at right of URL panel disappears, if you are connecting to your bank for instance. This will also upset Rapport, if your bank uses this.
You can check this in the "Activity" window - if there are http requests in amongst https ones for a secure page, this might be an extension requesting stuff, so beware - it's easier to write a script to divert http requests (so I'm told).
Hopefully Apple are working on this - it's about 3 weeks since I told them, and oh yes I did get a reply (two so far, not just autoreply ones).
«Tuesday marked a busy day for alternative browser security updates with patches from both Apple and Mozilla.» Given that, according to StatCounter (http://preview.tinyurl.com/2v5odq9 ), Firefox currently enjoys a worldwide market share of over 30 %, perhaps it is no longer apt to characterise it as an «alternative browser» ?...
Henri
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
