On TV.com: 2009's Most PIRATED TV Show
BNET Business Network:
BNET
TechRepublic
ZDNet

April 16th, 2008

Apple releases Safari 3.1.1 security update

Posted by Jason D. O'Grady @ 8:16 pm

Categories: Safari, Security, Software, Software Update

Tags: Apple Safari, Apple Inc., Security Administration, Apple Mac OS, Security, Operating Systems, Software, Jason D. O'Grady

Apple releases Safari 3.1.1 security updateUnder cover of darkness, Apple released Safari 3.1.1 via Software Update tonight. In typical Apple form the description is purposefully vague, recommending the update “for all Safari users” and telling us that it “includes improvements to stability, compatibility and security.” A-ha.

Apple’s About the security content of Safari 3.1.1 page tells a little more, stating that the update fixes two nasty Webkit bugs (in the Mac OS version):

  • WebKit CVE-ID: CVE-2008-1025
    Impact: Visiting a malicious website may result in cross-site scripting
  • WebKitCVE-ID: CVE-2008-1026
    Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution

I bet that this Safari update fixes the exploit that was discovered at the CanSecWest hacking contest on 31 March by Charlie Miller who won a MacBook Air (and $10,000 cash) after breaking into the machine via one of the its built-in apps (presumably Safari).

Jason D. O'GradyJason D. O'Grady is the editor of PowerPage.org, which has been publishing daily mobile technology news since December 1995. For disclosures on Jason's industry affiliations, click here or to view Jason's full profile click here.

Email Jason D. O'Grady

Subscribe to The Apple Core via Email alerts or RSS.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

  • Talkback
  • Most Recent of 16 Talkback(s)
Ignore below
Ok so you had selected the "don't ask again option" before. So ignore my post below.

I agree with you that the Apple SW update for Windows is crappily designed when it comes to the pre-selectio... (Read the rest)
Posted by: vmaatta Posted on: 04/18/08 You are currently: a Guest | | Terms of Use
And they offered it to me, even though I said "ignore" Safari before  PB_z | 04/16/08
argh  Mike (not Cox) | 04/17/08
Are you guyz on PC's cause I don't get that on my Mac?  James Quinn | 04/17/08
Yup  Mike (not Cox) | 04/17/08
You don't know Steve Jobs very well do you?  xuniL_z | 04/17/08
Oh please... (nt)  vmaatta | 04/17/08
you don't get it because it's all ready on your mac James  SO.CAL Guy | 04/17/08
Check "never ask again"  vmaatta | 04/17/08
Check "never ask again"  vmaatta | 04/17/08
As I predicted...  Ben_E | 04/17/08
I don't understand?  James Quinn | 04/17/08
Word games  jshaw4343 | 04/17/08
Okay, I'll take the bait...  Ben_E | 04/17/08
They do that to save the embarrassment of users  xuniL_z | 04/17/08
Ignore below  vmaatta | 04/18/08
Check the facts  vmaatta | 04/17/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement
Click Here

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here