Apple slaps bandaid on critical Safari (Windows) security holes

Apple has shipped new versions of its Safari browser to fix numerous security holes that expose Windows users to malicious hacker attacks.

Safari 5.1 and Safari 5.0.6 address gaping security holes in Safari and WebKit, the open-source browser rendering engine. These updates are available for Safari users running Windows XP SP2, Windows Vista and Windows 7.

According to Apple's advisory, some of these vulnerabilities could lead to drive-by download attacks, full system compromise, denial-of-service conditions or cross-site scripting attacks.

Here's a sample of some of the more serious Safari for Windows vulnerabilities:

  • CFNetwork: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems.
  • ColorSync: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.
  • CoreFoundation: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution.
  • CoreGraphics: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
  • ImageIO: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
  • ImageIO: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
  • libxml: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

The Safari update also contains a massive WebKit update covering flaws that expose users to denial-of-service conditions or arbitrary code execution.

The patches are being delivered via the Windows Apple Software Update application, or Apple's Safari download site.

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem...
