Homeland Security Warns About Latest Dangerous Apple Browser Bug
May 10, 2010 5:20 PM
comment(s) - last by
Apple, which perpetually makes fun of Microsoft's Windows for being "buggy" and "virus prone" is yet again endangering its users with lax security and poorly written code.
This time Apple's latest security woe is a "highly critical" flaw in its Safari browser; and Apple is yet again silent on the issue.
Cyberthieves can use the vulnerability to execute arbitrary code, steal information
when it comes to security has yet again come back to bite it. This time Danish security research firm Secunia
yet another vulnerability in the web browser Safari, which they billed as "highly critical" -- their most serious rating.
Secondary confirmation of the bug came from the United States Computer Emergency Readiness Team (US-CERT) (part of the U.S. Department of Homeland Security), which
an advisory after Polish researcher Krystian Kloskowski disclosed the bug on Friday.
The bug exploits Apple's
of code that handle's the browser's parent windows. According to Secunia, "This can be exploited to execute arbitrary code when a user visits a specially-crafted Web page and closes opened pop-up windows."
US-CERT adds that HTML email opened in webmail services such as Gmail or Windows Live Hotmail may also exploit the flaw. By compromising the operating system, hackers are free to log user information (such as credit cards or personal contacts) and install malware to accomplish a host of evils.
The flaw works in Windows 7 on the latest version of Safari 4 (4.0.5). "Other versions may also be affected" according to US-CERT -- so OS X users of Safari aren't off the hook yet. Charlie Miller, noted Mac hacker and security expert was not available to verify whether the bug existed in OS X. He's on vacation after hacking Safari and
earning $10,000 in loot
in March at the Pwn2Own contest.
Miller has stated that Macs and Apple software are often easier to hack than PCs and Windows software. Overall there's been relatively little interest in hacking Macs or Apple products, but what little attention there has been has revealed a host of security flaws. Apple patched 16 flaws in Safari in mid-March -- including 10 that affected OS X. Miller's exploit was among those flaws fixed.
Many security experts have criticized Apple's lax stance on security and poorly implemented products. Charlie Miller
Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.
Mac researcher Dino Dai Zovi
once put it
There is no magic fairy dust protecting Macs. Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun.
This article is over a month old, voting and posting comments is disabled
5/11/2010 1:43:51 AM
preemptive sick leave
? Now that's an idea...
5/11/2010 7:51:34 AM
The Apple sickness is incurable. Whenever I imagine an Apple fan, I think of Steve jobs sidling up behind one, stuffing an apple in their mouth to gag them and then dropping trow, reaming his hot man love into them over and over while they take it. Once you've been "touched by Jobs," you are forever stained. ;)
Speaking of the article, it is a bug that Apple even exists still to this day.
5/11/2010 10:16:09 AM
You guys are all going to jail tomorrow, cuz you all just dissssssed the almighty Apple !
Then when you guys die, you all going to hell, cuz again you all dissssssed the almighty Apple !
"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings
Charlie Miller to Unveil 20 Zero-day OS X Exploits at CanSecWest
March 19, 2010, 9:55 AM
Another Major Mac Computer Security Flaw Discovered
July 30, 2009, 10:52 AM
Mac Gets The Girl In New Anti-Microsoft Ad
May 13, 2009, 9:33 AM
Safari Plagued By Bugs, Accidental Violation Of Its Own EULA
March 27, 2008, 1:03 PM
Facebook Adds Satire Tags to Its Auto-Generated "Related News" Posts
August 18, 2014, 10:43 AM
Comcast, TWC Pull Dinner Gift for FCC Commissioner... Sort Of
August 15, 2014, 1:10 PM
Comcast Accused of Wooing FCC Commissioner w/ $110K Dinner
August 13, 2014, 8:20 PM
Quick Note: Nokia’s Lumia 520 Available for $39.99 Off Contract Today Only
August 13, 2014, 10:37 AM
Wikipedia Scores $140,000 in Bitcoin Donations in One Week
August 11, 2014, 9:32 AM
China to Require Real Names for Chat Apps
August 8, 2014, 8:28 PM
Most Popular Articles
Apple Scores Patents, Preps New Reversible USB Plug for iPhone 6 Connector
August 18, 2014, 1:32 PM
New AMD Fusion-Based Laptop From HP to Pack a Punch at $199
August 18, 2014, 4:13 PM
BlackBerry Reinvents Itself, Prepares for Potential Smartphone-Free Future
August 18, 2014, 7:51 PM
New Photos Show “Assembled” iPhone 6, Protruding Camera Ring
August 20, 2014, 2:32 PM
Lumia 830 Gets Major Upgrades Including New 20.1 Megapixel Toshiba Sensor
August 15, 2014, 6:00 PM
Latest Blog Posts
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information