Security flaw hits Safari for Windows only hours after release
Thanks to marct for this article. Security researcher Aviv Raff claims to have found the first security vulnerability in Apple's Safari browser on Windows only hours after the software was released.
common -
comments -
12.6.2007 Firefox 3 vs IE 7 vs Safari 3.1
A few short years ago the browser war seemed dead and buried. After Microsoft’s Internet Explorer usurped Netscape’s Navigator in the late 1990s, it’s domination of the Internet seemed complete, over 95 percent of us using a version of IE.
common -
comments -
24.5.2008 Safari 3.2.1 Download
The problem was almost instantly isolated and confirmed as incompatibility with third party software. Apple has now issued a new Safari update, for both Mac and Windows users, which delivers “stability improvements,” according to the Cupertino, Calif.-based Mac maker.
download -
comments -
25.11.2008 Safari 3.0.4 Beta for Windows
Experience the web, Apple style, with Safari: the fastest, easiest-to-use web browser in the world. With its simple, elegant interface, Safari gets out of your way and lets you enjoy the web, up to 2 times faster than Internet Explorer.
download -
comments -
16.11.2007 Apple Safari 4 beta - not for Windows 7
Safari 4 beta work only in Windows XP and Vista. Apple has released to public beta its Safari 4 web browser, and I thought I’d give it a hands-on spin to see what all the fuss is about. Here are my first impressions and review.
download -
comments -
24.2.2009 You are got Windows 7 questions, I have got answers
It’s impossible to offer a comprehensive evaluation of a product as big and sprawling as Windows 7 with just screenshots and specs.
windows -
comments -
30.10.2008 Safari for Windows Vista na XP
The world's best browser. Now on Windows, too - Safari 3 Public Beta. Among the most interesting things Apple CEO Steve Jobs outlined today was the company’s move to take Safari to Windows.
download -
comments -
12.6.2007 Internet Explorer 7 vs. Firefox 2.0 vs. Opera 9 vs. Safari 3
Thanks to odeeee for this article. Apple has compared the performances of Internet Explorer 7, Firefox 2.0 and Opera 9 to its own browser transitioned to Windows Vista and Windows XP and has concluded that Safari is top dog.
common -
comments -
13.6.2007 MSN Answers a Million More Questions
The MSN Search group announced on its team blog last week that it has added "about a million" new Instant Answers (also known as "direct answers") to its service. The MSN folks are expanding MSN Instant Answer responses into new area, ranging from sports to weather to government officials.
microsoft -
comments -
23.1.2006 7 Questions Microsoft Must Answer Tomorrow
It's the eve of the software giant's annual Microsoft Financial Analyst Meeting, and there are a few things we—and Microsoft's customers and partners should—want to know. Thanks to pacpis for the news.
microsoft -
comments -
27.7.2007 Put your questions to Bill Gate
Bill Gates is to answer your questions at the Consumer Electronics Show in Las Vegas.
microsoft -
comments -
3.1.2008 Got Vista x64 questions? I've got answers
I got a lot of great questions and comments via e-mail and in the Talkback section of my previous post on the sudden surge in adoption rates for Windows Vista x64. In this follow-up, I summarize the answers I’ve found for each question.
windows -
comments -
5.8.2008 Answers to Windows 7 upgrade questions
Every day for the past few months, I have received at least one question from readers wanting to know how the Windows 7 upgrade process will work.
windows -
comments -
26.10.2009 Your top Windows 7 questions, answered
Since Windows 7 launched on October 22, my e-mail inbox has been deluged with questions, comments, and pleas for help.
windows -
comments -
17.11.2009 Gates responds to questions about his stock sales
The recent jump in Microsoft's stock price was on the minds of shareholders during the company's annual meeting in Seattle this morning, but not necessarily with a sense of satisfaction. During the question-and-answer period, a couple of shareholders asked and commented about recent stock sales by Bill Gates and some other executives following the share increase.
microsoft -
comments -
13.11.2007 Microsoft's Bing: 10 burning questions
Microsoft rolled out Bing sort of—it won’t be fully deployed until June 3—but questions already abound.
microsoft -
comments -
29.5.2009 Microsoft Urges Users Stop Using Safari In Windows Platform
Microsoft's security team is advising users to stop using Apple's Safari browser pending investigation into a quirk that allows miscreants to litter their desktop with hundreds of executable files.
microsoft -
comments -
2.6.2008 More information on the Open XML translator and some questions answered
There were a lot of great comments from last week's announcement about the creation of an open source project to transform between the Ecma Office Open XML formats and the OASIS OpenDocument format.
microsoft -
comments -
12.7.2006 Apples carpet-bomb Safari flaw can wreak havoc on Windows
A researcher has created a proof-of-concept site that graphically demonstrates the risk Windows users face when using Apple's Safari browser.
common -
comments -
10.6.2008 Windows Vista Content Protection - Twenty Questions (and Answers)
A conversation has cropped up since the recent publication of a paper scrutinizing how Windows handles digital rights management, especially for HD video. I've since looped back with Dave Marsh, a Lead Program Manager responsible for Windows' handling of video, to learn from him the implications involved and to learn to what extent the paper's assertions are accurate.
windows -
comments -
23.1.2007 Apple monster update fixes iPhone, Safari, Mac OS X flaws
Apple has issued a monster update with patches for about 50 security vulnerabilities affecting iPhone, Safari and Mac OS X users.
common -
comments -
1.8.2007 Microsoft Security Advisory 927891 non security-Fix for Windows Installer
Ok this is the MSI fix (Windows Update Client 100%CPU issue) as discussed before here on Bink.nu. For best results also install the new update client . This client will be distributed worldwide in June through Microsoft/Windows Update and WSUS.
microsoft -
comments -
23.5.2007 Microsoft Windows Vista Security: Setting a New Standard for Security and Privacy Through Innovation and Collaboration
For more than 30 years, information and communications technologies have transformed the global economy and personal communications.
windows -
comments -
17.9.2006 Security Tab Fixer for Windows XP - Activate Security Tab Under File, Folder Property Menu
Unlike Windows Vista & Windows 7, Window XP do not show Security tab under file or folder properties dialogue box.
download -
comments -
28.6.2009 May Security Bullitens
New Security Bulletins Microsoft is releasing the following security bulletins for newly discovered vulnerabilities.
microsoft -
comments -
9.5.2006 IE7 Security features
All web browsers make security decisions based upon URIs. Many security features, from Security Zones to the JavaScript same-origin policy, depend on the browser being able to consistently evaluate URIs to determine their components, and to compare them to other URIs.
microsoft -
comments -
New Security Flaw Discovered in IE
Security firm eEye released a
notice on Thursday saying it had discovered a new flaw within Internet Explorer on both Windows XP and XP SP2.
microsoft -
comments -
EXCLUSIVE: New security flaw in IE
A new flaw in Internet Explorer could be exploited to launch spoof-based attacks, or access and change data on vulnerable PCs, security experts have warned.
The problem lies in the way Microsoft has implemented a JavaScript component in its Web browser, security researcher Amit Klein wrote in a research document. Internet Explorer does not validate some data fields provided by a PC when the component, called XmlHttpRequest, is used, he wrote.
microsoft -
comments -
Vista and Security Bundling
Several reporters have asked me what the Windows OneCare Live widespread beta means to security software vendors, such as McAfee, Panda, Symantec or Trend Micro. What OneCare foreshadows is significant.
According to the release notes: "Windows OneCare will not be compatible with the Windows Vista operating system (formerly codenamed 'Longhorn') when that operating system is released."
windows -
comments -
2.12.2005 Security in Microsoft Products
Join Mike Nash, Vice President for the Microsoft Security Business Unit, and his team of security experts each month. Microsoft is working hard to improve security and Mike and his team invite you to join them in a candid Q&A session.
microsoft -
comments -
12.1.2006Security flaw hits Safari on Windows
Security researcher Aviv Raff
claims to have found the first
security vulnerability in
Apple's Safari browser on
Windows only hours after the
software was released.
Raff tested the
application against a standard
browser security testing tool.
"A first glance at the
debugger showed me that this
memory corruption might be
exploitable. Although I'll
have to dig more to be sure of
that,"
http://aviv.raffon.net/2007/06
/11/AppleSafariForWindowsOutWi
thACrash.aspx>he wrote on his
blog.
Apple lists the
browser's security as one of
12 reasons "why you'll love
Safari" and adds that "Apple
engineers designed Safari to
be secure from day one."..
winbeta.org -
12.06.2007Microsoft reports security problem with Apple's Safari
Microsoft, of all companies, has issued a security advisory warning users about a possible security exploit involving Apple's Safari for Windows
browser...
betanews.com -
03.06.2008Apple Plugs iChat, Safari
Security Holes
In its first standalone
security update for 2006,
Apple on Wednesday plugged 17
flaws affecting both Mac OS X
10.3 and 10.4. The fixes come
after two potential
vulnerabilities -- one in
iChat and another in Safari --
were heavily publicized and
brought warnings from security
experts that Macs are not
immune from malware...
betanews.com -
02.03.2006Updated Safari for Windows improves security
Apple has released Safari Beta
3.0.1 for Windows, an update
to their recently-introduced
Web browser for Windows XP and
Vista. The new version is
http://www.apple.com/safari/do
wnload/>available for download
from Apples Web site or
through the śApple Software
Updateť application (bundled
with QuickTime or iTunes for
Windows).
Apple CEO
Steve Jobs introduced Safari
for Windows near the end of
his keynote presentation
during this weeks Worldwide
Developers Conference (WWDC)
in San Francisco, Calif. Apple
is releasing Safari for
Windows in the hope of growing
its market share in the
browser market. Some market
research pegs Safari in third
place behind Firefox, with
only the Macintosh market
using it.
śApple
issued an update to the Safari
for Windows public beta today
to fix the security
vulnerabilities that were
reported earlier this week.
Beta testers will receive the
update automatically through
Apples Software Update
application,ť an Apple
spokesman told Macworld...
winbeta.org -
14.06.2007Apple Plugs Windows Safari Security Holes
Just days after its beta
release of Safari 3 for
Windows became a zero-day
nightmare with a number of
exploitable vulnerabilities,
Apple has rushed out version
3.01 to fix three security
flaws. The problems only
affect Windows, not the Mac OS
X release...
betanews.com -
15.06.2007Apple Releases Safari 3.0.2
Apple continues to patch holes
in its Safari for Windows,
releasing version 3.0.2 of the
browser. The update addresses
security issues and contains
several functionality tweaks...
betanews.com -
27.06.2007Mozilla CEO: Apple Safari update is 'just wrong'
Mozilla CEO John Lily says that Apple's decision to use its Windows software update application to push downloads of its Safari browser on iTunes
users was bad for the security of the Web...
betanews.com -
24.03.2008Microsoft Warns of Safari Carpet Bombing
Microsoft has released
a security advisory warning of
the effect we have previously reported as "Safari Carpet
Bombing." This is what most people would call a vulnerability in Safari on both Windows and OS X in that Safari does not warn users before
downloading files. The default download location on Windows for Safari is the Desktop, so a malicious page could fill the desktop with files,
potentially malicious files, and in scenarios which could use social engineering to trick the user into opening at least one of them.
No program is perfect, but Apple's response to the vulnerability was disturbing. They don't consider it a security vulnerability, and are
treating user confirmation as just another feature request. Apple has taken a lot of heat over this,
including from StopBadWare.org.
winbeta.org -
31.05.2008Apple Releases Safari Beta 3.0.2 for Windows and Mac OS X
Apple has released an update
to its Safari browser, Beta
3.0.2 for Mac and PC via its
website
and Software Update.
Changes in Safari 3.0.2
for Windows beta:
- Latest
security updates
-
Improved stability
- Fixes
for text display, non-English
systems, and start-up times
Changes in Safari
3.0.2 for Mac OS X beta:
-Latest security updates
-Improved stability
-Improved WebKit support
for Mail, iChat and
Dashboard
Though
still in beta, the initial
release of Safari 3.0 had seen
8 vulnerabilities discovered
within 24 hours of its
release, some of which were
cross-platform. Apple quickly
released Safari 3.0.1 for
Windows which addressed some
of the Windows-specific
vulnerabilities discovered.
winbeta.org -
23.06.2007Apple Dismisses Safari Download Issue
A security researcher has published a demonstration exploit that takes advantage of the download mechanism in Apple's Safari browser to
automatically download files onto a user's system. bNevertheless, Apple said it does not consider the issue a security vulnerability, according to
Nitesh Dhanjani, a researcher who currently leads application security efforts at professional services company Ernst & Young.
Enterprises
have begun paying closer attention to Safari in recent weeks because of a rise in the browser's market share on Windows. Safari is the built-in
browser on Mac OS X. The problem arises "because the Safari browser cannot be configured to obtain the user's permission before it downloads a
resource," Dhanjani said in a recent blog post.
neowin.net -
17.05.2008Safari for Windows Tops 1 Million Downloads
Despite security concerns and
Microsoft pundits like Paul
Thurrott wondering "who
would ever use" it, Safari
3 Beta for Windows was
downloaded over 1 million
times in the first 48 hours,
Apple announced. The company
continues to tout the speed
and standards support of its
browser, which was previously
Mac-only...
betanews.com -
15.06.2007After hacker dissection, Safari beta is patched
Three days after releasing
Safari 3.0, Apple has issued
its first patch of the beta
software:
Safari
3.0.1, which fixes three
flaws in the browser including
security vulnerabilities.
Although the issues found in
the first beta release were
surprisingly numerous,
security researchers are
applauding Apple for pushing
out the update so quickly.
Apple has often taken weeks or
months to release patches and
updates in response to
vulnerability concerns. This
is the first time that Apple
has released a version of
Safari for the Windows
platform. Because it now can
be run on a much larger number
of systems, the code has been
getting more attention from
the security community.
neowin.net -
15.06.2007Safari for Windows Downloads Top 1 Million In 48 Hours
Apple today announced
(http://www.apple.com/pr/libra
ry/2007/06/14safari.html>via a
news release) that more than 1
million copies of Safari for
Windows were downloaded in the
first 48 hours since the free
public beta was made available
on Monday.
Many see
Apple's release of Safari for
Windows as an opportunity for
Apple to further attract
customers to the Mac, while
also raising usage of its
Safari web browser, which
would theoretically require
more website developers to
ensure that their sites work
properly with Safari.
In related news, Apple
today
http://winbeta.org/comments.ph
p?catid=1&id=7805>updated the
Safari for Windows beta to
3.0.1, which patches some of
the security flaws that were
recently discovered in the
software.
winbeta.org -
15.06.2007PayPal warns: Steer clear of Apple's Safari browser
If you're using Apple's Safari browser, PayPal has some advice for you: Drop it, at least if you want to avoid online fraud. Safari
doesn't make PayPal's list of recommended browsers because it doesn't have two important anti-phishing security features, according to
Michael Barrett, PayPal's chief information security officer.
"Apple, unfortunately, is lagging behind what they need to do, to
protect their customers," Barrett said in an interview. "Our recommendation at this point, to our customers, is use Internet Explorer 7 or 8 when it
comes out, or Firefox 2 or Firefox 3, or indeed Opera." Safari is the default browser on Apple's Macintosh computers and the iPhone, but it is
also available for the PC. Both Firefox and Opera run on the Mac.
neowin.net -
28.02.2008Safari Licensing says non-Apple hardware installs prohibited
In its rush to bring Safari to the Windows platform, it looks like Apple's legal department didn't quite do its job...
betanews.com -
27.03.2008Safari license says non-Apple hardware installs are prohibited
In its rush to bring Safari to the Windows platform, it looks like Apple's legal department didn't quite do its job...
betanews.com -
28.03.2008Windows Firewall with Advanced Security Design Guide
This guide helps you design Windows Firewall with Advanced Security settings and rules that meet your goals for network security. This guide answers
the "what," "why," and "when" questions. The Windows Firewall with Advanced Security Deployment Guide answers the "how" questions.
winbeta.org -
09.06.2008Apple fixes Safari 'carpet bomb' bug
Apple has reversed course and patched a bug in its Safari browser after security researchers showed how it could be used to run unauthorized software
on a Windows machine. The "carpet bomb" bug , which was originally discovered by security researcher Nitesh Dhanjani, was initially thought to be
less serious than it turned out to be.
Dhanjani showed how Safari could be misused to litter a victim's desktop with downloaded
programs, but two weeks after he disclosed his research, another hacker, named Aviv Raff, showed that this flaw could be exploited in tandem with
other problems in Windows and Internet Explorer to run unauthorized software on a victim's PC. That prompted Microsoft to issue its own warning
about the issue. It also caused some security experts to caution Web surfers about using Safari on the Windows platform.
neowin.net -
20.06.2008A Google Chrome user's opinion of Safari 4 Beta
Thanks to the iPhone, it's the world's #3 browser. Should its new version give Safari good reason to capture second place?
..
betanews.com -
25.02.2009Chrome masks as Safari to fool Windows Live Mail
According to Google's Chrome Releases blog, Chrome-users no longer need to go out of their way to make Windows Live Mail/Hotmail work. In
addition to providing important security updates, Google's most recent version of Chrome--1.0.154.46--makes it easy for followers to use Windows
Live Mail. For some reason, Windows Live Mail does not work properly on Chrome, unless it thinks it is some other browser, such as Apple's Safari.
Previously, Chrome-users who had wanted to be able to use Windows Live Mail would have to switch the user-agent manually, but now the browser will
identify itself properly as "Chrome" for most normal sites but as "Safari" for URLs ending with mail.live.com.
Read full story.....
neowin.net -
01.02.2009
