Safari Beta Security Slammed; 8 Vulnerabilities Found

Not even a day after Apple unleashed its Safari 3 beta into the wild, security researchers have found a host of security issues for both the Mac OS X and Windows versions.

Security researcher David Maynor (of Black Hat Airport vulnerability fame) details on his blog 6 vulnerabilities, 4 of which were denial of service and 2 were remote code execution. In addition, Maynor claims that one of the bugs found is weaponizable.

Separately, Thor Larholm writes in his blog (which is mentioned by Maynor) another vulnerability involving the Safari beta on Windows, where Safari does not properly validate command-line input. To round out the vunerabilities, Aviv Raff discovered a memory corruption issue that caused Safari on Windows to crash.

In each incident, the researchers seemed to take issue with Apple's claim that "Apple engineers designed Safari to be secure from day one." To be fair, the software is still in beta, although the beta on OS X overwrites the user's previous version of Safari.

Popular Stories

google drive for desktop1

Google to Roll Out New 'Drive for Desktop' App in the Coming Weeks, Replacing Backup & Sync and Drive File Stream Clients

Tuesday July 13, 2021 1:18 am PDT by
Earlier this year, Google announced that it planned to unify its Drive File Stream and Backup and Sync apps into a single Google Drive for desktop app. The company now says the new sync client will roll out "in the coming weeks" and has released additional information about what users can expect from the transition. To recap, there are currently two desktop sync solutions for using Google...