Wifi Password Recovery - UTM - Vulnerability Scanning
 

   

    
Toll Free: +1-888-704-7297

Sun Sun Sun

You are here: News > News > Latest Apple Safari Patch Fixes Critical Security Holes

» IT Security NEWS
 
» 12 November 2009
Latest Apple Safari Patch Fixes Critical Security Holes

Apple has recently issued a timely security update for the latest version of its web browser—Safari 4.0.4—this Wednesday. Available for Mac- and Windows-based operating systems, the Safari patch plugs security holes ranging from moderately threatening to severely crippling. Unlike fellow competitors like Chrome, Firefox, and Internet Explorer, the Apple browser doesn't issue any ratings for the graveness or seriousness of its fixes.

At any rate, the patches straightforwardly tackle a multitude of vulnerabilities, bugs, and other programming glitches. On both Mac and Windows, visiting a malware-infected website using Safari could result to unanticipated actions on other opened sites, parsing maliciously coded XML material can lead to a browser crash, and using shortcut menu features within a hacker-controlled website could expose and compromise your local system information.

One of the bugs involves an integer overflow that occurs whenever images with an embedded color profile are handled, which could cause a heap buffer overflow in certain situations. Ergo, hackers have developed a deviously made image sporting an embedded color profile that, when opened, could bring about an arbitrary code execution or an out-of-the-blue program termination. Apple has patched the overflow-causing problem by performing added validation of color profiles. Moreover, Mac OS X v10.6 systems are apparently immune to this programming weakness. Also, the problem has been fixed in the Mac OS X 10.5.8's Security Update 2009-005.

One other vulnerability involves libxml2's multiple use-after-free issues, the most dangerous of which could trigger an unforeseen application termination. The Apple Safari update deals with the software quandary by improving how the browser processes memory. The Update 2009-006 has fixed the issue for all Mac OS X 10.5.8 systems, and the Mac OS X 10.6.2 has already dealt with the problem from the get go.

The way Safari manages navigations started by the shortcut commands of "Open Link in New Tab", "Open Image in New Window", and "Open Image in New Tab" has been a bit problematic as of late. More to the point, utilizing these options on a hacker's spoofed or malware-encoded website could enable the cyber fiend to load a local HTML file that could cause him to expose and steal away all your sensitive system or personal data. The patch has fixed the security hole by stopping the aforesaid menu options from popping up when the target of a given link is a local file.

 

Click Here For Web Shop

Reviews of SecPoint.com
 
 
 
 
 

Subscribe to our Mailing List
Customer References
 
More satisfied customers
   
aAwards & Reviews
 

View more awards..

Free Services
Free Vulnerability Scan

Free WiFi Security Guide

Encyclopedia | Free Scan Statement | Link Policy | Privacy Statement | Resources | Sitemap | User Policy
© Copyright 1999-2012: SecPoint®
SecPoint ApS Noerregade 7B - 1165 Copenhagen K - Denmark
US Toll free: +1-888-704-7297 - EU: +45-70-235-245