Apple slaps bandaid on critical Safari (Windows) security holes


Apple has shipped new versions of its Safari browser to fix numerous security holes that expose Windows users to malicious hacker attacks.

The Safari 5.1 and Safari 5.0.6 updates address gaping security holes in Safari and WebKit, the open-source browser rendering engine. These updates are available for Safari users running Windows XP SP2, Windows Vista and Windows 7.

According to Apple's advisory, some of these vulnerabilities could lead to drive-by download attacks, full system compromise, denial-of-service conditions or cross-site scripting attacks.

Here's a sample of some of the more serious Safari for Windows vulnerabilities:

  • CFNetwork: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems.
  • ColorSync: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.
  • CoreFoundation: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution.
  • CoreGraphics: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.
  • ImageIO: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
  • ImageIO: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
  • libxml: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
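
The ColorSync and CoreGraphics entries above describe one bug class: a size computed from attacker-controlled file fields wraps around, so the heap buffer allocated from it is too small for the data later written into it. As an added illustration (not Apple's code and not taken from the advisory), the C example below contrasts an unchecked 32-bit size calculation with a checked one; the `profile_hdr` struct, its fields and both function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical header of an embedded profile table. Both fields come
 * straight from the file, so they are attacker-controlled. */
struct profile_hdr {
    uint32_t entry_count;
    uint32_t entry_size;
};

/* Bug class: the 32-bit product wraps modulo 2^32. A parser that
 * allocates this many bytes and then copies entry_count entries
 * writes far past the end of the heap buffer. */
uint32_t alloc_size_unchecked(const struct profile_hdr *h)
{
    return h->entry_count * h->entry_size;
}

/* Hardened form: compute the product in 64 bits, reject empty tables,
 * and reject any table larger than the input that carries it. */
bool alloc_size_checked(const struct profile_hdr *h, size_t input_len,
                        size_t *out)
{
    if (h->entry_count == 0 || h->entry_size == 0)
        return false;
    uint64_t total = (uint64_t)h->entry_count * h->entry_size;
    if (total > input_len)
        return false;
    *out = (size_t)total;
    return true;
}

int main(void)
{
    /* Constructed sample values, not taken from any real file. */
    struct profile_hdr wrapped = { 0x10000001u, 16u };
    struct profile_hdr normal = { 4u, 16u };
    size_t n = 0;

    printf("unchecked size: %u bytes\n",
           (unsigned)alloc_size_unchecked(&wrapped));
    printf("checked, wrapping header accepted: %d\n",
           alloc_size_checked(&wrapped, 4096, &n));
    if (alloc_size_checked(&normal, 4096, &n))
        printf("checked, normal header: %zu bytes\n", n);
    return 0;
}
```
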

The Safari update also contains a massive WebKit update that fixes flaws that expose users to denial-of-service conditions or arbitrary code execution.

The patches are being delivered via the Windows Apple Software Update application, or Apple's Safari download site.


Talkback

23 comments
  • I wouldn't normally care about holes in Safari for Windows

    My issue is that on 2 of my computers, every time I get a notification to update iTunes, the updater has selected Safari by default to be installed. This does not happen on my 3rd computer.

    What's the difference between these 3 PCs? No idea but iTunes users on Windows must be eternally vigilant to make sure they haven't accidentally installed Safari.
    toddybottom
    • RE: Apple slaps bandaid on critical Safari (Windows) security holes

      @toddybottom

      Uninstall the Apple Updater. And it doesn't matter unless you're browsing with Safari. No sane Windows app will assume you have Safari for Windows under the covers and use it vs. say IE.
      betelgeuse68
      • Thank you

        @betelgeuse68
        Much appreciated. I will give that a try. Is there a way of reinstalling the updater? I haven't seen any sort of install for just the updater itself.
        toddybottom
  • Time to have some reality check on Apple Apps on Windows.

    Look at all these arbitrary code execution bugs...

    Yet people are still picking on Adobe Reader like there's no tomorrow.
    Samic
    • RE: Apple slaps bandaid on critical Safari (Windows) security holes

      @Samic
      Because of the Adobe Reader plugin. It's tied to primarily almost all browsers.
      Anthony E
      • RE: Apple slaps bandaid on critical Safari (Windows) security holes

        @Anthony E
        Quicktime is also tied to almost all browsers in the system too and it also has arbitrary code execution issues all the time.
        It's about the quality of Apple's software on Windows. They just either don't seem to care about the software quality on Windows or are too incompetent to make good Windows software.
        Samic
      • RE: Apple slaps bandaid on critical Safari (Windows) security holes

        @Samic Quicktime is NOT Safari... if there were any reported issues with Quicktime like there are with Safari then you'd have a point.
        athynz
    • RE: Apple slaps bandaid on critical Safari (Windows) security holes

      @Samic

      Because most Windows users have Adobe's Reader... most do not have Safari for Windows.
      betelgeuse68
  • I looked at the Safari 5.1 feature list

    Is Sandboxing really Lion only? D:
    Michael Alan Goff
  • So, Ryan, want to explain why this is a band-aid and

    not a patch? I mean other than the fact that the MacDefender phishing attack fizzled and the company you work for still can't sell any Mac antivirus software and that just p*sses you off, no end.
    fr_gough
    • Come on Steve, you can do better than that

      @fr_gough

      That liver acting up on you again, making you grouchy today?
      William Pharaoh
      • RE: Apple slaps bandaid on critical Safari (Windows) security holes

        @William Pharaoh

        You're a jerk.
        DeusXMachina
      • RE: Apple slaps bandaid on critical Safari (Windows) security holes

        @William Pharaoh
        LMFAO :D
        MrElectrifyer
    • it's called

      @fr_gough
      yellow journalism. every little dig keeps helps.
      i suppose the better term would be yellow blogging.
      sportmac
  • RE: Apple slaps bandaid on critical Safari (Windows) security holes

    People running Windows use Safari...?
    DJThuht
    • RE: Apple slaps bandaid on critical Safari (Windows) security holes

      @DJThuht I run Safari, Firefox and IE on Windows 7.

      Safari - for MobileMe bookmarks sync from my Mac. I consider it to be my "personal" browser (i.e. non-work)
      Firefox - for work related stuff that doesn't require IE
      IE - out of desperate necessity for the eHR system.
      TheSceptic
  • RE: Apple slaps bandaid on critical Safari (Windows) security holes

    I too want an explanation for the sensationalist use of the term "bandaid" which was NOT justified in the article, as well as "gaping security holes". In what way were these holes any more "gaping" than any other bugs any other company patches in updates?

    Ryan Naraine, you are officially a troll.
    DeusXMachina
  • Does anybody with Windows actually use Safari?

    I'm just curious. I have an iMac and use Chrome for my browsing. Before Chrome, I used Firefox. Safari is my least favorite Apple program ever. I don't even know any Apple users who use Safari regularly. So I'm just wondering why a Windows user would choose to use Safari. It would be rather like me deciding to use Internet Explorer.
    crabitha
    • RE: Apple slaps bandaid on critical Safari (Windows) security holes

      @crabitha

      Hate to break it to ya, but if you use Chrome, you are essentially using Safari. Most of the code in Chrome was written by Apple.
      DeusXMachina
  • Slightly biased headline?

    A band-aid. As in it covers up the problem but doesn't fix it? Is that what every security update is now?

    What about the new features in Safari 5.1? Are they not worth mentioning?
    TheSceptic