iTWire - Safari 4.0.3 addresses stability and security issues

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Safari 4.0.3 addresses stability and security issues

Safari 4.0.3 addresses stability and security issues

E-mail

by Stephen Withers
Wednesday, 12 August 2009
Safari 4.0.3 provides stability improvements and bug fixes, as well as delivering some security fixes. Featured Whitepaper 5 Best Practices for Smartphone Support Safari 4.0.3 - the latest update for Apple's web browser for Mac OS X and Windows - addresses issues in multiple areas of operation. Specific bug fixes identified by Apple correct issues that could prevent users from logging into the iWork.com site (Apple's service for sharing iWork documents), or cause the display of web content in greyscale instead of colour. Stability improvements are claimed for Top Sites, third-party plug-ins, and the handling of the HTML 5 video tag. As for the security fixes, Safari 4.0.3 for Windows patches a flaw recently addressed by Mac OS X 10.5.8 in which maliciously crafted EXIF data could trigger arbitrary code execution. The new version of the browser also fixes a graphics-related issue that could be used to the same ends. Four other issues affect Apple's browser on both platforms. A wider range of Unicode characters are now flagged in the address bar to alert the user of the possibility of spoofing. One of the problems with international domain names has always been that character sets may contain individual characters that are visually similar to those in other sets yet are treated as distinct. This can allow the registration of look-alike domain names. WebKit's handling of the pluginspace attribute has been tightened to avoid information disclosure to a site that includes a malicious plug-in dialog. The processing of floating-point numbers has also been improved to avoid a buffer overflow that could have been used by a malicious site to cause the execution of arbitrary code. And finally, the Top Sites feature has been tweaked so that only user actions can lead to a site appearing in the Top Sites view. Previously, a malicious site could use automated actions to promote one or more pages into the Top Sites list. Apple notes that known fraudulent sites have never been allowed onto the Top Sites list, reducing the risk that the vulnerability could have been used in phishing attacks. Safari 4.0.3 is a 40M download for Leopard, 26M for Tiger, and 27M for Windows. It is available via Software Update (Apple Software Update on Windows) or from Apple's Support Downloads site. Tags See All Tags Apple Browser Browsers HTML 5 Mac Mac OS X Patch Patches Safari Security Software Stephen Withers Vulnerability Windows Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking