Safari for Windows, 0day exploit in 2 hours

Apple released version 3 of their popular Safari web browser today, with the added twist of offering both an OS X and a Windows version. Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecting to see quite a number of vulnerabilities targeted towards this new Windows browser.

I downloaded and installed Safari for Windows 2 hours ago, when I started writing this, and I now have a fully functional command execution vulnerability, triggered without user interaction simply by visiting a web site. I will not sell this one to ZDI or iDefense but instead release it here, as I have done lately with a number of 0day vulnerabilities. This place is where you get my latest research :)

A bunch of other security researchers such as David Maynor and Aviv Raff have been pounding safariWin with their fuzzing tools, going through thousands upon thousands of test pages in the hopes of triggering some form of memory corruption for potential exploitation. I am a big fan of fuzzing and believe it can produce some tremendous results, but sometimes good old fashioned application specific knowledge can get you far.

<snip>

http://larholm.com/2007/06/12/safari-for-windows-0day-exploit-in-2-hours

You can click on the link to see the steps.

That bringing Safari to a Windows-sized user base will expose it to a Windows-sized h4x0r base as well.

medical office 8 years ago with all Macs. Never had 1 virus or 1 security breach of my network and for that matter never had a hardware problem.(the one iMac that failed failed right out of the box and was replaced the next day). While my other doctor friend has a Windows network in their office and pay 10 Xs what I do for support and security. Mac has definitely been a great business decision for my medical practice.... :)

:toast:

the author makes the claims.

put " " around stuff that is not attributable to me..

sorry again

:hi:

It's most likely a windows problem.

I use Firefox and Safari on my Mac, and I've never had a problem.. ever.

Firefox works great on my new Mac.

and hate the fact that my dual chip macbook has to have windows 98 on it, simply because one client demands it.

I have never had a problem either. I suspect that those reports of problems are sour grapes on the part of windows users who just love blue screens of death, and constant viroids destroying their data.

That's how Safari has all the necessary extensions, without actually giving the developers time to create Safari specific ones.

need your computer for and what you are used to.

Mac is a great computer and if you need graphics far superior to Windows. However, if you look at how many use windows and this includes corporations and government offices, this is where the priority of hackers are and where they go. Macs are starting to see more attacks and more vulnerabilities every day. So far, I don't see where Safari is having a lot of success with Windows and it doesn't have the security that IE-7 does.

I use Vista and and always been a Windows user and have used Mac but for me Windows works best but certainly would have no problem with a Mac either.

Whichever, you need to have the proper protection just as you would a good condom, good firewall, anti-virus and spy ware protection is just as important along with keeping up with the updates.

I can play HD movies, ripped straight from HDDVDs on my XP box. All on a box that cost me under $700 to build, with plenty of room to upgrade for future improvements (more memory, better gfx card if needed, maybe add in another ATSC tuner?)

The mini caught my eye because I was looking for a solution that was small, however after researching it, the lack of upgradability turned me off.

that area. Sounds like you are satisfied with what you are working with.

Beta testing of browsers is for people who want to attempt to hack it or are masochist. I'm neither.

I would like to point out that this is really a Firefox exploit, so if you use Firefox, you're susceptible to this.

It's not really a Safari exploit, but a Firefox exploit. It uses a flaw in Firefox, which Safari uses when it needs a plug-in, in this case Safari doesn't handle the Gopher protocol, so it uses Firefox for that. The flaw is in Firefox.