Apple plugs 'gone in 30 seconds' Safari flaw

Apple plugs 'gone in 30 seconds' Safari flaw

Summary: Apple has released another round of security patches for its Web browser this week, targeting a vulnerability which allowed a Macbook air to be hacked and two deficiencies in the Windows-only version of the software.

SHARE:

Apple has released another round of security patches for its Web browser this week, targeting a vulnerability which allowed a MacBook Air to be hacked and two flaws in the Windows-only version of Safari.

The company released the patches this week after a number of vulnerabilities were discovered in the browser recently, including one which allowed a security expert to take control of a MacBook Air at the CanSecWest security conference in March, where a malicious Web site was used to exploit the flaw.

"The interesting thing about this is that it took a team of hardcore security experts to crack this," said James Turner, security analyst for research firm IBRS.

"From Apple's perspective, it's been good to have that flaw publicised and to appear to have done something about it within a relatively short space of time," he noted.

An Apple spokesperson declined to comment on the flaw, telling ZDNet.com.au: "What happened at that forum was specific to the forum, Apple won't discuss that."

Recent research by IBM found Apple flaws made up 3.2 percent of all vulnerabilities reported in 2007, putting the company in second place behind Microsoft, with 3.7 percent.

Apple's most recent patch batch also fixed vulnerabilities in Safari for Windows. An Apple spokesperson told ZDNet.com.au today that the company would not comment on what the cause or effects of these flaws were.

According to IBRS analyst Turner, the Windows flaw was unlikely to have affected many users and even fewer organisations, given that few if any are likely to have deployed Safari as a standard browser.

"Apple will of course continue to use the Polaroid model and push their own browser on their own hardware, which in turn means that more and more attention will be focused on them," he said.

"For a couple of years now industry pundits have been saying that as Apple's market share grows they will be targeted more often," Turner said. "Microsoft's been in the spotlight so long now, but now someone else is sharing the stage, and I think they'd [Microsoft] be happy about that."

According to Apple, in the first quarter of last year it shipped 2.3 million Macs, representing 44 percent growth year-on-year.

Topics: Apple, Hardware, Microsoft, Security, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Great Job

    Great job to the people who exposed this flaw and great job to apple for actually addressing security issues with their operating system. As a mac user I feel like I don't actually need a virus scanner because apple care enough to fix these problems.
    anonymous
  • It will only be a matter of time

    Apple will become targeted more and more if they continue to gain popularity. As for the caring part about patches. All companies aim to fix flaws as soon as possible when they are brought to their attention.
    anonymous