subscribe to our feed.
Earlier this week, Steve Jobs announced that Safari was coming to Windows at the WWDC. This was great news for “Developers” everywhere, as now they can view how their pages will look on all four of the major browsers: Firefox, Opera, IE, and now Safari. However, it was a nightmare for security personnel. A mere two hours after the Safari beta was released, a working command execution vulnerability was authored and on the Internet, available for anyone to use.
Thor Larholm and David Maynor, the two authors of the first zero-day exploit for Safari, explained that Safari, while secure on OS X, isn’t drawing on the same layers for security that such programs like Firefox and IE are using. In effect, it’s relying on security protocols that just aren’t there on Windows, but are on OS X. This means that the Windows version of Safari (so far) is relatively insecure.
Still, there’s hope for the fledgling program. Safari for Windows is built on an open-source browsing program, WebKit. It’s possible that, with enough help from Windows elites, the security holes stemming from the port to Windows could be filled entirely without Apple!
Link to the story on BetaNews…..
If you would like to make a comment, please fill out the form below.
wow. that didnt take long