Safari holes get plugged

Apple has updated Safari to version 3.2 for both Mac OS X and Windows XP/Vista.  A dozen security holes were plugged, including some that were deemed ‘very serious.’  The holes could allow someone to take over the compromised machine.

The more serious holes include:

  • a heap buffer overflow issue that could allow a specially designed html page to cause application termination or arbitrary code execution.
  • a heap buffer overflow in CoreGraphics handling of color spaces could allow a specially designed image to lead to unexpected application termination or arbitrary code execution.
  • a problem with memory access issues in ‘libTIFF’s handling of compressed TIFF images could cause, yet again, application termination or arbitrary code execution.

And the list goes on.  This proves, yet again, that no  matter how smart your developers are, no matter how diligent they think they are, they are not perfect.   I think “PC” should remind them in the next ‘get a mac’ commercial.  But, hey, if he doesn’t, I don’t mind picking up the slack.  After all, it is my duty to point out that OS X Leopard is broken and needs to be fixed.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s