• Your favorite








    , and
  • Apple Gives Safari a Security Update

    Apple has just released a security update for Safari 4.0.4 (available for Windows and Mac) that hopefully resolves an issue that appears to have been capable of presenting a potentially catastrophic security problem.

    Then again, we may never know how "grave" the danger was since Apple doesn't play along with the established practice of competing browsers by revealing just how serious a threat to Safari truly is.

    According to Apple Insider:

    The security fixes address a wide range of problem points. On both Windows and Mac, parsing maliciously written XML content could have led to a browser crash, using shortcut menu options within a maliciously created Web site could have led to the disclosure of local information, and visiting a maliciously built Web site could have resulted in unexpected actions on
    other opened Web sites.
    The latest update for Safari - the first since late summer - is once again prompting Apple fans and critics alike to request more openness from the company regarding security threats that we're "not allowed" to know much about. Seth Rosenblatt at CNET put it best by suggesting that while it's good practice to update a program when a security fix has been released, Apple should be considerably more transparent on such matters and, in doing so, hold itself to the same standards as its chief competitors: Internet Explorer, Firefox, and Chrome.

    For Windows only, viewing a maliciously made image with an embedded color profile that could lead to a browser crash or running arbitrary code is no longer a threat, nor is accessing a maliciously crafted FTP server, which could have led to an
    unexpected crash, information disclosure, or arbitrary code execution. For Mac only, an exploit that could have allowed e-mail to remotely load audio and video content when loading a remote image has been disabled.
    Apart from resolving a handful of security issues, Apple says the 36.2MB Safari 4.0.4 update also lends to improved JavaScript performance and stability improvements for third-party plug ins, the search field, and Yahoo mail.

    The browser update can find its way to Mac and Windows systems through Apple’s software update utilities. Of course, if you're wondering when the iPhone will similarly get patched, your guess is as good as mine.

    Image via TheiPhoneBlog
    This article was originally published in forum thread: Apple Gives Safari a Security Update started by Michael Essany View original post
    Comments 11 Comments
    1. battlecrushr's Avatar
      battlecrushr -
      still mozilla beats safari for me
    1. plcrules's Avatar
      plcrules -
      wow im so updating now
    1. rhekt's Avatar
      rhekt -
      i think i have been infected. safaris been unexpectently crashing on me for a couple weeks. ive been sending the crash reports to apple every time. so i can definetly say apples safari security update was MY idea
    1. hancoma's Avatar
      hancoma -
      Quote Originally Posted by rhekt View Post
      i think i have been infected. safaris been unexpectently crashing on me for a couple weeks. ive been sending the crash reports to apple every time. so i can definetly say apples safari security update was MY idea
      I too have had this problem in the last couple of weeks...and my mac is only about 2 months old, and is still fairly virgin.
      It seems to be progressively getting worse....

      The only programs I have added is Sdk, cyberduck, media converters.
    1. rwin84's Avatar
      rwin84 -
      Its about time they fixed this...
    1. psychodave's Avatar
      psychodave -
      I still pref firefox
    1. nighthawk283's Avatar
      nighthawk283 -
      I used safrai on windows and it also frozed it completly so i stop using it and now use chrome
    1. SnowLeo's Avatar
      SnowLeo -
      Remember when Modmyi posted a little while back that on the 27" imacs safari was showing up as over 100% cpu usage on activity monitor?
      Well i have a 20" 2007 imac and was recently noticing a similar issue with it going up to 50% cpu...until i updated and got like 109%!
      What's up that!? isnt this supposed to fix things in safari not make them worse?? (right now im using a nightly build of webkit which doesnt seem to have the issue)
      If you have an imac or even any mac for that matter you should check how this new update is affecting your cpu as it is rediculous that it would get up too 100% CPU! (by the way the 100% is without an flash things running as i have the clicktoflash plugin-plugins were supposed to be better on this update too)

      I included a screenshot as proof of this madness and highly advise you DONT get this update (or get a nightly build of webkit here for faster preformance with squirrelfish javascript: The WebKit Open Source Project)

    1. hollow0's Avatar
      hollow0 -
      Quote Originally Posted by battlecrushr View Post
      still mozilla beats safari for me
      Yeah, i've stopped using Safari. Mozilla is way better. Safari to me is just too slow. But i guess i'll update anyway just to see if there is any performance boost.
    1. mikerlx's Avatar
      mikerlx -
      Safari crashed on macs past that i owned but never on my air.
    1. confucious's Avatar
      confucious -
      How is this iPhone news?