Security researchers: Safari for Windows not so secure

Within hours of Apple's public release of the beta for Safari 3.0 for Windows, three security researchers independently found holes within the new browser. Researcher Aviv Raff highlighted in a blog post the company's product statement, that reads: "Apple's engineers designed Safari to be secure from day one." Raff found a vulnerability, a memory corruption error that could allow an attacker to insert malicious code on a Windows machine, within three minutes using publicly available fuzzing tools.

		Related links Apple WWDC roundup here Steve Job's keynote in full Apple invites Windows users on Safari Apple takes Safari to Windows and iPhone

Security researcher David Maynor, posting on his Errata security blog, said he was also able to generate a memory corruption error "in no time." By the end of the day, he was able to generate a total of six bugs--four producing a denial of service (crash), and two capable of executing remote code.

Veteran security researcher Thor Larholm wrote in his blog that he found a "0day" vulnerability in Safari within two hours. The flaw exists in how Safari handles URL protocols within Windows, causing a denial of service (crash). Larholm has published an exploit to demonstrate the flaw.

All of the vulnerabilities were found on Windows machines; none of the researchers could say whether these flaws also existed on the Mac OS.

Apple WWDC: Show report

As developers gather in San Francisco, they've got two big things on their minds: the iPhone and the Leopard OS. Good thing if you are over there, but if you aren't, fret not. It's the Internet age, and we've got it all wrapped up around our virtual finger. So check back with us during the week for all the onsite news.

June 15, 2007 

June 13, 2007 

June 12, 2007 

Hanwang T&Mouse

How many ways can one reinvent the wheel? Apparently, not enough. China-based Hanwang is the latest to give the modest mouse a mini makeover. Mini because it's equipped a USB optical mouse with a tiny writing touchpad sitting in a crater at the top. Hanwang says a pen or fingertip will scribble just as well on the pressure-sensitive surface to input simplified Chinese, traditional Chinese and English. While it's a cute-to-have mouse for graphic designers who work on digital tablets, its mere size and sunken position are likely a handicap to any creative usage aside from jotting the occasional single character.

See more images

Via UberGizmo

Price: N.A.
Availability: China, more info here
Device: Mouse
Specs: 11 × 6 × 2.7cm, working area 3 × 4cm, USB cord, in blue, purple, red, silver or black, bundled Screen Reader and Photo Reader software

Crave is...

The name says it all. Crave is our blog about cool gadgets and other crushworthy stuff.

Drop us an email if you have tips or suggestions.

Crave for...

» Mobile Phones (2233)

» Digital Cameras (987)

» Notebooks (1235)

» PC & Peripherals (1312)

» Handhelds (585)

» Printers (83)

» Home AV (1147)

» Music & Play (894)

» Gadgets (1486)

» Future Tech (396)

» Green Tech (172)

» Lifestyle (157)

» Luxury (22)

» Home Appliances (58)

» Cars (99)

» Games and Gear (248)

» Software (95)

» Web (118)

Previously...

2009

2008

2007

2006

2005

2004

Hot Topics

Subscribe to
Crave

What's Hot

apple apple inc. apple iphone apple ipod asia battery camera game google inc. iphone microsoft corp. microsoft windows mobile phone photograph singapore smart phone software sony corp. video

Today on CNET |  Reviews |  Crave |  Blogs |  CNET TV |  Digital Living |  Downloads