--------
With the release of Safari 4.0.3 yesterday, Apple not only improved stability and compatibility with the software, but also included a number of security fixes, detailed in a Support document on the company’s official web site. Affecting Safari 4 for Windows and Mac (Tiger and Leopard), a total of 6 vulnerabilities have recently been discovered in the browser and patched with the Safari 4.0.3 update. For example, with the help of SecureThoughts.com, Apple has discovered that a maliciously crafted website may be promoted into Safari's Top Sites view. In the case of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.7, Mac OS X Server v10.5.7, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows XP and Vista, it is possible for a malicious website to promote arbitrary sites into the Top Sites view through automated actions. The Top Sites feature provides an at-a-glance view of a user's favorite websites. “This could be used to facilitate a phishing attack,†Ap!
ple explains on its web site. “This issue is addressed by preventing automated website visits from affecting the Top Sites list. Only websites that the user visits manually can be included in the Top Sites list. As a note, Safari enables fraudulent site detection by default. Since the introduction of the Top Si...
--------
http://news.softpedia.com/news/About-the-Security-Content-of-Safari-4-0-3-119006.shtml
This e-mail was sent by Experiment23 Inc., located in New York, NY
10163. To not receive further e-mails, please visit
http://help.pingie.com
No comments:
Post a Comment