iTWire - Safari 4.0: security fixes galore!

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Safari 4.0: security fixes galore!

Safari 4.0: security fixes galore!

E-mail

by Stephen Withers
Tuesday, 09 June 2009
Page 1 of 2 Safari 4.0 delivers a laundry list of security fixes. Many of them are Windows-specific, but that still leaves plenty that also apply to Mac OS X. Featured Whitepaper 5 Best Practices for Smartphone Support Apple has disclosed 48 security fixes in Safari 4.0, 11 of them specific to Windows. Let's get the problems peculiar to the Windows implementation out of the way first. Issues include temporary files being created in insecure locations while downloading; the possibility of arbitrary code execution triggered by malicious web pages containing graphics, embedded fonts, PDF files; cross-site scripting attacks taking advantage of Unicode handling; failing to remove cookies after private browsing; failing to immediately remove website passwords from memory when resetting Safari; and running Safari for the first time with elevated permissions. Some of these issues were previously addressed by updates to Mac OS X. Cross-platform flaws are similarly varied. Certain image files may misidentified as HTML, allowing the possibility that embedded JavaScript will be executed without prompting the user for permission to proceed. The libxml2 library has been updated to avoid multiple vulnerabilities, at least of which can lead to arbitrary code execution. Please read on for more issues fixed in Safari 4.0 - and a problem that's not mentioned. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking