back to article Code-execution bug found in Apple Safari

The latest version of Apple's Safari browser contains a critical bug that allows attackers to install malware on end user machines, security researchers have warned. The flaw in the way Safari handles parent windows can be exploited "to execute arbitrary code when a user visits a specially-crafted webpage and closes opened pop- …


This topic is closed for new posts.
  1. This post has been deleted by its author

  2. Smokey Joe


    "The US Computer Emergency Readiness Team" BooYaaahhh!

    They really love this shit those yanks, don't they?

    1. heyrick Silver badge

      "The US Computer Emergency Readiness Team"

      Sounds like something from a Tom Clancy novel.

    2. Danington the Third


      *kshht*Tango Down*kshht*

      *kssh*Good kill, Good kill, over*kshht*

    3. Moddy

      Not only the yanks...

      Since when are the yanks the only ones to have a CERT?

  3. Robert Carnegie Silver badge

    You really haven't heard of US-CERT before?

    Did you just get a computer for your birthday, sonny?

    You'll hear a lot more about them. Get ready.

  4. Mr Brush

    The sky is falling.

    But, but, but, there's no viruses on Apple stuff?

    Everyone knows that.

    1. Anonymous Coward
      Anonymous Coward


      Who said anything about viruses? Appart from you, that is.

    2. Anonymous Coward
      Gates Horns

      RE: The sky is falling.

      It's only been confirmed on the Windows version.

      I'll bet I know why...

  5. Anonymous Coward


    "Industry Standard" is probably the reason for this.

  6. Anonymous Coward
    Anonymous Coward


    A browser with a security vulnerability? Who'd have thought it?

  7. TeeCee Gold badge


    Noun: Holiday. Specifically one where you go somewhere exciting, see lots of interesting things and also quite probably catch something nasty. You may also get badly burned and regret it.

    See also: Sun lotion, Montezuma's revenge.

    1. Anonymous Coward


      Someone who scouts things out and takes all the risks that those who later go there on a "holiday" then know how to avoid...

    2. Daniel B.


      I 'spose you mean "Moctezuma's Revenge" ;)

      Safari is also an adventure that sometimes ends up with you being eaten by lions. Whoopee!!

  8. Tom Chiverton 1


    So you have to disbable JavaScript, and Flash crashes (aledgerly) - how do you use Web 2.0 now Mactards ?

    1. Anonymous Coward

      @Tom Chiverton 1

      "So you have to disbable JavaScript, and Flash crashes (aledgerly) - how do you use Web 2.0 now Mactards ?"

      A lot more smoothly and safely than the Wintards.

      You may have noticed that this defect affects the Windows version of Safari...

  9. Anonymous Coward
    Anonymous Coward

    Can they work on something for Linux now?

    I'm sure if all the Windows users chipped in together, there would be a nice cash incentives to shut the rest of the smug bastards up.

  10. Anonymous Coward
    Anonymous Coward

    Windows Safari

    I'll bet 10p that this doesn't affect Safari on OSX.

    Even if it did, most of us browse with the "Block Pop-Up Windows" option turned on...

  11. Anonymous Coward

    @Tom, @AC

    So yeah Safari (on WINDOWS) has a problem that MIGHT affect Macs. Read the article. Anyway it's a BROWSER issue, not an OS issue. Get your facts right.

  12. Anonymous Coward

    RE: Apple Bashing

    Predicatably the MS defenders have crawled out of the woodwork again. Every vulnerability reported in an Apple or Mozilla product draws them out.

    Guys, a vulnerability in a browser is hardly uncommon is it? IE has, after all, had more than it's fair share. It's hardly the end of the world for Apple or Safari because one vulnerability has been found - there have been several others.

    Notice something about this vulnerability? It only effects Windows. And that AV vulnerability reported yesterday? That is effectively a Windows problem too. The message MS and their fanboys should be taking home from this: Windows is inherently insecure.

    1. Anonymous Coward
      Anonymous Coward

      letters and/or digits

      "Predicatably the MS defenders have crawled out of the woodwork again. Every vulnerability reported in an Apple or Mozilla product draws them out."

      Likewise for every Windows flaw.

  13. justkyle

    WebKit/Safari/Camino Mac OS X Results

    WebKit and Safari both display the text dump of the file.

    Camino Downloads the file.

    After expanding the rar file, and opening it (default to webkit)

    I do have to end task.

    So, it's a vulnerability for one web browser that you have to download with a different engine based browser?

    Penguin, because browsing text mode only in lynx is the only way to be sure...

This topic is closed for new posts.