From Release to Attack in a Few Hours
Within a matter of hours of the announcement at Apple's WWDC that the Beta version of Safari 3 was available for download on Windows and OS X came news that several security researchers had already found serious vulnerabilities affecting the software.
Even though the software is in Beta, the semi-production quality of many Beta releases from other companies (such as Google, who are notorious for leaving their products in an extended Beta phase, even after supposed public release) has given most users a false sense of the stability that they should expect from a Beta release.
The public announcement of the vulnerability existence before notifying the vendor (Apple) has been widely criticised, especially as the announcement was accompanied by statements that the researchers were intentionally not notifying Apple of the issue.
Some of the vulnerabilities discovered so far will affect both Windows and OS X versions of Safari, so OS X users should not be ignoring the vulnerability reports just because they initially work on the Windows version of the browser.
13 June 2007
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.Comments will soon be available for registered users.