Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
05-11-2010, 03:24 PM #1
Another Zero-Day Hole Found in Safari
Safari 4.0.5 has what researchers are calling a "highly critical" vulnerability that can potentially allow a hacker to install malware on Windows PCs. Analysts from Secunia, the security service provider from Denmark, believe that the same hole could exist on the Mac version as well, but this has not yet been confirmed. As yet there have been no known attacks in the wild exploiting the vulnerability.
The zero-day hole involves a bug in the way Safari handles parent windows that would allow an attacker "to execute arbitrary code when a user visits a specially-crafted webpage and closes opened pop-up windows," Secunia's advisory reads. The US government's Computer Emergency Readiness Team (CERT) confirmed the vulnerability, and additionally notes that the hole can be exploited by HTML mail that's read using Safari, putting users of services like Gmail and Hotmail at risk. The US CERT warns that "exploit code for this vulnerability is publicly available."
Polish researcher Krystian Koskowski discovered the hole, and executed a proof-of-concept hack in Secunia's labs. The firm gives the vulnerability "highly critical," the second-highest rating on its five-level scale.
The Following User Says Thank You to Paul Daniel Ash For This Useful Post:
05-11-2010, 03:28 PM #2
Never liked nor use Safari anyways, so not breaking a sweat...
Last edited by iLaw-One; 05-11-2010 at 03:30 PM.
05-11-2010, 03:35 PM #3
05-11-2010, 03:39 PM #4
Really?? Safari for Windows? Who in the world uses THAT combo?
05-11-2010, 03:46 PM #5
If im ever on a pc, yeah. But im always pon di mac.
If im ever on a pc, yeah. But mi always pon di mac.
Last edited by Count Tracula; 05-11-2010 at 03:46 PM. Reason: Automerged Doublepost
05-11-2010, 03:54 PM #6
pon di river pon di mac
05-11-2010, 04:20 PM #7
I had no new updates : / What's up with that?My Devices:
iPod Touch 4g 4.1 - Jailbroken
iPad 4.2.1 - Jailbroken
05-11-2010, 04:26 PM #8
Because Apple has pretty bad response time to issues like this.
The last zero day security risk was left open for almost a month before being patched.
05-11-2010, 04:42 PM #9
05-11-2010, 04:42 PM #10
good thing im using firefox
05-11-2010, 05:18 PM #11
05-11-2010, 05:29 PM #12
I'm loving the pictures on the recent news posts. Seems like the quality of reporting has gone up as well. Thanks guys.
05-11-2010, 05:32 PM #13
05-11-2010, 05:34 PM #14
Why would someone ever use Safari on Windows? I have Google Chrome.
05-11-2010, 05:36 PM #15
05-11-2010, 05:39 PM #16
05-11-2010, 05:56 PM #17
use 2 ipads
05-11-2010, 06:18 PM #18
intego just had an update yesterday. didnt specify thoughkillall Terminal
05-11-2010, 06:38 PM #19
thats why i use firefox
05-11-2010, 06:57 PM #20