Apple Safari 3.1 Browser Under Attack

It’s not just Mozilla’s CEO that is leveling attacks at Apple’s new Safari 3.1 web browser for Windows. Apparently security researchers are taking aim at Safari 3.1 as well, discovering at least two highly critical vulnerabilities (as rated by Secunia).

One flaw is a memory corruption issue that could be exploited if a user is downloading a .ZIP file with a really long filename.

The second flaw is an address bar spoofing issue.

Frankly, I wouldn’t have rated both of these issues as ‘Highly Critical’ myself since they both require user interaction (but hey I’m not currently a full time security researcher).

Then again, Mozilla just fixed a memory corruption related issue with Firefox yesterday, which was rated as “Critical” by Mozilla itself. Though Firefox did fix a spoofing issue which was only rated as being “High”.

Apple has not yet made any kind of patch available for Safari 3.1 for the new issues, so if you’re running Safari – also use common sense and as always – DON’T VISIT UNTRUSTWORTHY SITES! (but that goes for any browser on any platform).

News Around the Web