Report: Safari riddled with security holes


Apple’s Safari browser may not be nearly as secure as it should be and according to a new study, it’s putting its users at unnecessary risk.

Researcher Juan Pablo Lopez Yacubian spent some time with Safari 3.1.1 for Windows recently and found that the browser suffers from a number of vulnerabilities that could create problems for its users. And although he didn’t test out Mac versions of the software, he did say that any Safari installation might also be affected.

Three major problems

According to the researcher, Safari suffers from three major vulnerabilities that make it subject to malicious code. These are: "a denial-of-service (crash) vulnerability caused by a write-access violation, a denial-of-service (crash) vulnerability caused by a read-access violation, and a third vulnerability that allows attackers to spoof the content contained in the address bar."

Unfortunately, Yacubian is unaware of any workarounds and said that the only fix is to abandon the use of Safari until Apple patches it. Versions of Firefox 2 and Opera were highly recommended.