Severity: Medium
16 April, 2008
Summary:
- These vulnerabilities affect: Safari 3 for OS X (and Windows)
- How an attacker exploits them: By enticing one of your users to a malicious web page
- Impact: Numerous flaws, various results; in the worst case, an attacker could execute code on the victim’s computer
- What to do: Update to Safari 3.1.1 at your earliest convenience
Exposure:
Safari is the default web browser that ships with OS X. Recently, Apple also released Safari for Windows, pushingit to Quicktime and iTunes users via Apple Software Update.
Today, Apple released an advisorydescribing four vulnerabilities that affect Safari, and components that ship with it. The flaws affect both the OS X and Windows versions of Safari. The worst of these vulnerabilities potentially allows attackers to execute malicious code on your Safari user’s machines. If you use Safari in your network — whether on a PC or Mac — you should update to version 3.1.1 at your earliest convenience. Some of the fixed vulnerabilities include:
0 Comments