Updated 10 hours ago

9724 products + 890 members

Report: Safari riddled with security holes

Study suggests Apple isn't doing enough to secure browser

April 24th | Reader comments (6)

Safari reportedly suffers from three major vulnerabilities that make it subject to malicious code

ZoomZoom

<>

Apple’s Safari browser may not be nearly as secure as it should be and according to a new study, it’s putting its users at unnecessary risk.

Researcher Juan Pablo Lopez Yacubian spent some time with Safari 3.1.1 for Windows recently and found that the browser suffers from a number of vulnerabilities that could create problems for its users. And although he didn’t test out Mac versions of the software, he did say that any Safari installation might also be affected.

 Three major problems

According to the researcher, Safari suffers from three major vulnerabilities that make it subject to malicious code. These are: "a denial-of-service (crash) vulnerability caused by a write-access violation, a denial-of-service (crash) vulnerability caused by a read-access violation, and a third vulnerability that allows attackers to spoof the content contained in the address bar."

Unfortunately, Yacubian is unaware of any workarounds and said that the only fix is to abandon the use of Safari until Apple patches it. Versions of Firefox 2 and Opera were highly recommended.

By Don Reisinger
 

Reader comments (6) Jump to Add Comment

robertjamespaul

April 24th

robertjamespaul

6. safari is rubbish in comparison to firefox. ie7 isn't brilliant, but still does the job

Alert a moderator

calcio

April 24th

calcio

5. I actually don't mind IE7 either - but that's my guilty secret so don't tell anyone...

Alert a moderator

techkernow

April 24th

techkernow

4. Does anyone still actually use Safari? Why?

Alert a moderator

james

April 24th

james

3. Yeah I agree it was very sneaky of Apple to smuggle Safari onto people's machines like that. Why any PC-user would currently choose Safari over Firefox is a mystery...

Alert a moderator

calcio

April 24th

calcio

2. The update thing was farcical - but I imagine that the exploits only matter if people actually use the Safari browser that they accidentally installed.

Alert a moderator

nicolasmerritt

April 24th

nicolasmerritt

1. I imagine all those people who have been pushed Safari as part of their iTunes update won't be pleased to see this.

Alert a moderator

Submit your comment

You need to Log in or register to post comments

By submitting this form you agree to our Terms of Use and so are legally responsible for anything you submit. DO NOT submit anything which may violate the Terms of Use or another person's rights including copyrighted or offensive materials.