Categories: MacSoftwareWorkspace

Windows PCs Exposed By Safari Browser Bug

A security researcher has uncovered a critical bug affecting Apple Safari that could be exploited to run malicious code on Windows computers.

The discovery of the flaw is credited to researcher Krystian Kloskowski. According to an advisory from Danish security firm Secunia, the vulnerability is due to an error in the handling of parent Windows and can result in a function call using an invalid pointer.

“This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows,” Secunia wrote in its advisory. “The vulnerability is confirmed in Safari version 4.0.5 for Windows. Other versions may also be affected.”

Avoid unsolicited Links

US-CERT warned that exploit code for the vulnerability is publicly available, and warned that by convincing a victim to view an HTML document such as a Web page or e-mail attachment in Apple Safari, an attacker could run arbitrary code with the privileges of the user. Users should avoid unsolicited links in e-mails, instant messages, web forums or Internet relay chat channels, according to US-CERT.

Anyone concerned about the vulnerability can disable JavaScript in Safari until a fix is available, though many Web sites require JavaScript to operate properly.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved
Tags: Safari

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago