Safari Safe for Mac Users, Highly Critical for Windows Users
Article by George Norman
On 12 May 2010
The other day we were reporting that the Apple-developed Safari web browser is plagued by a highly critical security vulnerability that could allow arbitrary code to be executed on the targeted machine. If exploited by a person with malicious intent, the vulnerability could allow for remote code execution. If someone with malicious intent sets up a special website, when the user visits said website and closes a popup window for example, it could lead to remote code execution.

The vulnerability has been confirmed by Secunia, Danish company that specializes in providing software for vulnerability management and is best known for tracking the latest security threats and offering info about patches. It has also been confirmed by the United States Computer Emergency Readiness Team (US-CERT).


“Apple Safari fails to properly handle references to window objects. Safari can allow a window object to be deleted while references to the object may still exist. If JavaScript code then attempts to use the deleted window object, this can result in the use of an invalid pointer. This pointer can be controlled by an attacker through the use of JavaScript. By convincing a victim to view an HTML document with Apple Safari, an attacker could run arbitrary code with the privileges of the user running the application,” said the US-CERT.

Both security companies have confirmed that the Windows version of Safari 4.0.5 is vulnerable. The US-CERT has also informed that exploit code is publicly available. It looks bad for Windows users – not so much for Mac users.

Intego, company that specializes in providing security solutions for Mac, has taken a look at this vulnerability and found that Mac users are safe.

“Intego’s security researchers have run tests on the current version of Safari for Mac (4.05), and found that this flaw does not exist. Intego has not tested previous versions of Safari. So for now, it’s safe to say that Mac users don’t need to worry about this one,” commented an Intego representative.

Tags: Secunia, Apple, Safari, Vulnerability, Security, US-CERT, Intego
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Safari Safe for Mac Users, Highly Critical for Windows Users
HTML Linking Code