MUST READ: Congress demands answers from Google over Glass privacy concerns

Topic: Operating Systems

Apple plugs code execution, phishing holes in Safari browser

Summary: Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks.

Ryan Naraine

By for Zero Day |

Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks.

The update is considered highly-critical and should be immediately applied on both Windows and Mac systems because of the risk of information disclosure, phishing and remote code execution attacks.

Here's a snapshot of the vulnerabilities being fixed:

  • CVE-2009-2468 (Windows XP and Vista) -- A heap buffer overflow exists in the drawing of long
  • text strings. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2188 (Windows XP and Vista) -- A buffer overflow exists in the handling of EXIF metadata. Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2196 (Mac OS X, Windows XP and Vista) -- Safari 4 introduced the Top Sites feature to provide an at-a-glance view of a user's favorite websites. It is possible for a malicious website to promote arbitrary sites into the Top Sites view through automated actions. This could be used to facilitate a phishing attack.
  • CVE-2009-2195 (Mac OS X, Windows XP and Vista) -- A buffer overflow exists in WebKit's parsing of floating point numbers. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
  • CVE-2009-2200 (Mac OS X, Windows XP and Vista) -- WebKit allows the pluginspage attribute of the 'embed' element to reference file URLs. Clicking "Go" in the dialog that appears when an unknown plug-in type is referenced will redirect to the URL listed in the pluginspage attribute. This may allow a remote attacker to launch file URLs in Safari, and lead to the disclosure of sensitive information. This update addresses the issue by restricting the pluginspage URL scheme to http or https.
  • CVE-2009-2199 (Mac OS X, Windows XP and Vista) -- The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by supplementing
  • WebKit's list of known look-alike characters. Look-alike characters are rendered in Punycode in the address bar.

The new browser version is available via the Apple Software Update application or Apple's Safari download site.

Topics: Operating Systems, Apple, Browser, Hardware, Microsoft, Security, Software, Software Development, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

8 comments
Log in or register to join the discussion

  • Well...

    At least I didn't have to wait until Patch Tuesday...
    vikingnyc@...
    Reply Vote

    • not patch tuesday

      But patch weekly is the theme for anything Apple.
      CrashPad
      Reply Vote

    • LOL! Because all of these were discovered and fixed...

      ...at exactly the same time. You're fooling yourself if you think Apple releases a patch as soon as it's fixed. It's no different than Microsoft except Microsoft let's you know when to expect patches. Apple, well, it's whenever they feel like it.
      ye
      Reply Vote

  • I like that my mac just updates

    No scrolling through lists of optional updates. Just do it and don't bug me.
    HollywoodDog
    Reply Vote

    • This discussion was going on in another thread...

      How apathetic therefore vulnerable Apple users really are with this attitide. Cultivated and nutured by Apple!!! What a computing experience, not knowing what is really going on. You dont do banking on your Mac do you???
      CrashPad
      Reply Vote

    • If it ain't broke, don't fix it...

      especially on a mission critical computer or in the middle of a project.
      I'm always amazed by people's rush to apply the latest patch, my own
      included when I installed Safari 4.0.0. Took a good half day to strip out
      the Webkit Framework updates and go back to Safari 3.1.2. Safari 4.0.2 is
      finally solid and I'm going to wait a couple of weeks before making any
      rush to update.
      Geotopia
      Reply Vote

  • Mac security is definitely improving!

    Only six browser-based vulnerabilities is this bugfix release!
    Better than the fifty we saw for Safari 4.0. I also appreciate the
    limited information that Apple releases in these security
    updates -- there is certainly no need to be verbose like
    Microsoft and detail the severity and exploit vectors of all
    vulnerabilities.
    Trolleur
    Reply Vote

  • RE: Apple plugs code execution, phishing holes in Safari browser

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>
    birumut
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close