RSS Alerts

Share

More services

Related Links

  • Sophos
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Apple releases Safari 4.0 to counter security flaws
    Apple Computer has released v 4.0 of its increasingly popular Safari web browser for Windows and Mac OSX-based computers. The release counters the recent security flaws reported in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and webKit
  • Internet Explorer, Firefox and Safari hacked within hours
    This year's CanSecWest, held in Vancouver, British Columbia, opened on Wednesday, with the main focus of the cracking contest being on mobile phones.
  • Apple rolls out updated Safari browser
    Apple has issued version 4.0.5 of its Safari web browser – for both Mac OS X and Windows – with 16 security updates.
  • A Rotting Security Apple?
    Vendors, analysts, and commentators alike have long predicted a surge in malware affecting Apple’s products. Yet, until recently, these prognostications have failed to materialize. Drew Amorosi examines recent malware threats to Apple’s OS X operating system to find out if this is an anomaly, or a sign of things to come
  • Apple OS X update targets latest malware
    Apple has moved swiftly to target the problem of malware by updating its Mac operating system, OS X. The update – OS X 10.6.7 – comes as security experts have spotted new versions of MacDefender, a rogue application that is being distributed via poisoned links on Facebook.

Top 5 Stories

News

Windows and Mac users asked to upgrade to Safari 4.0.5

16 March 2010

Whilst the industry seems transfixed by a tablet computer that does not currently appear to multitask, Apple Computer is also up other things than selling iPads, releasing a major update to its Safari web browser.

Safari v4.0.5 reportedly fixes a number of security issues on the Windows and Mac OSX platform versions of its browser, and includes remediations for a total of 16 security vulnerabilities.

The new version has been welcomed by most quarters but, says Graham Cluley, senior technology consultant with Sophos, Safari users should update their browsers – regardless of platform – without delay.

"If you dilly-dally over updating your computer, it's possible that hackers could exploit the security bugs – including some that could mean that simply visiting a webpage with a maliciously crafted image could lead to malicious code being automatically run on your computer", he noted in his security blog.

According to Cluley, one of the bugs (CVE-2009-2285) fixed in Safari 4.0.5 was announced and patched in Mac OS X 10.6.2 back in December 2009, and in Mac OS X 10.5 since January.

This means, he says, that Windows users of Safari have been vulnerable for over two months in the way their browser handles booby-trapped TIFF images.

"But it doesn't matter whether you own a Mac or PC, if you run Safari the message is clear: It's time to update your browser and ensure that you are protected against hackers exploiting the security holes detailed in the security advisory on Apple's website", he said.

This article is featured in:
Application Security • Data Loss  • Internet and Network Security • Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012