February 22, 2012

New “Highly Critical” Windows 7 Vulnerability

(LiveHacking.Com) – Microsoft are investigating a new vulnerability in Windows 7 which causes a blue screen of death (BSoD). A “researcher” named webDEVIL posted to Twitter that “<iframe height='18082563'></iframe> causes a BSoD on win 7 x64 via Safari. Lol!” Security company Secunia then posted an advisory rating the issue as “Highly critical”, as the fault can lead to system compromise and successful exploitation does not require any user interaction.

The vulnerability is due to an error in win32k.sys and can be used to corrupt memory via a specially crafted web page. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges. It isn’t clear yet whether a working exploit exists or whether this is only a potential avenue for attack.

“We are currently examining the issue and will take appropriate action to help ensure customers are protected,” Jerry Bryant, group manager of response communications for Microsoft’s Trustworthy Computing Group, said in a statement to SecurityWeek. The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit system. Other versions may also be affected.

Security Updates for Safari

Apple has released versions 5.0.3 and 4.1.3 of its Internet browser Safari. The updates address several security vulnerabilities in the WebKit-based browser. The Safari updates fix more than 25 security holes in the browser’s open source WebKit rendering engine, most of them rated as critical.

Safari 5.0.3 & Safari 5.0.3 Windows update highlights:

  • More accurate Top Hit results in the Address Field
  • More accurate results in Top Sites
  • Fixes an issue that could cause content delivered with the Flash 10.1 plug-in to overlap web page content
  • More reliable pop-up blocking
  • Fixes an issue that affected playback of some videos shot or edited to include rotations and flips
  • Improved stability when typing into search and text input fields on www.netflix.com and www.facebook.com
  • Improved stability when using JavaScript-intensive extensions
  • Improved stability when using VoiceOver with Safari

For detailed information on the security content of this update, please visit this site: http://support.apple.com/kb/HT1222

Safari 5.0.3 is available to download for Mac OS X 10.5.8 Leopard, 10.6.2 Snow Leopard and Windows XP SP2 or later. Alternatively, Safari 4.1.3 is provided for users running Mac OS X 10.4.11 Tiger. Mac OS X users can upgrade to the latest release via the built-in Software Update function. All users are advised to upgrade to the latest release as soon as possible.