• Apple Gives Safari a Security Update

    Apple has just released a security update for Safari 4.0.4 (available for Windows and Mac) that hopefully resolves an issue that appears to have been capable of presenting a potentially catastrophic security problem.

    Then again, we may never know how "grave" the danger was since Apple doesn't play along with the established practice of competing browsers by revealing just how serious a threat to Safari truly is.

    According to Apple Insider:

    The security fixes address a wide range of problem points. On both Windows and Mac, parsing maliciously written XML content could have led to a browser crash, using shortcut menu options within a maliciously created Web site could have led to the disclosure of local information, and visiting a maliciously built Web site could have resulted in unexpected actions on
    other opened Web sites.
    The latest update for Safari - the first since late summer - is once again prompting Apple fans and critics alike to request more openness from the company regarding security threats that we're "not allowed" to know much about. Seth Rosenblatt at CNET put it best by suggesting that while it's good practice to update a program when a security fix has been released, Apple should be considerably more transparent on such matters and, in doing so, hold itself to the same standards as its chief competitors: Internet Explorer, Firefox, and Chrome.

    For Windows only, viewing a maliciously made image with an embedded color profile that could lead to a browser crash or running arbitrary code is no longer a threat, nor is accessing a maliciously crafted FTP server, which could have led to an
    unexpected crash, information disclosure, or arbitrary code execution. For Mac only, an exploit that could have allowed e-mail to remotely load audio and video content when loading a remote image has been disabled.
    Apart from resolving a handful of security issues, Apple says the 36.2MB Safari 4.0.4 update also lends to improved JavaScript performance and stability improvements for third-party plug ins, the search field, and Yahoo mail.

    The browser update can find its way to Mac and Windows systems through Apple’s software update utilities. Of course, if you're wondering when the iPhone will similarly get patched, your guess is as good as mine.

    Image via TheiPhoneBlog
  • Connect With Us

  • Twitter Box

  • Facebook