In association with heise online

16 November 2007, 10:46

Apple Safari for Windows now in its fourth beta

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Following another revision of its Safari 3 web browser for Windows, Apple is making the fourth beta version available for download just over than three months after the last beta. The company has fixed a number of bugs, some of them critical, and has added new features.

Two security holes enable intruders to inject and execute malicious program code via manipulated websites. One results from flawed handling of the browser's status bar, while the other is caused by the vulnerable version of Freetype that Apple uses. Other vulnerabilities enable cross-site scripting attacks or allow intruders to obtain confidential information. One hole enables content transferred via HTTPS to be accessed within the same domain and even to be manipulated.

Apple has also given its browser a facelift. The size of the program window can now be changed from every side of the program window. There is a new font smoothing option. Safari now takes the proxy settings in the Control Panel into account and can automatically receive proxy data via Proxy Auto-Config (.pacfiles). Other new features include the possibility to list files on FTP servers, support for international input methods, a cookie manager and a spell and grammar checker. Apple claims to have increased the overall stability of the browser and its speed in executing JavaScript, for example.

Those who have chosen to work with the previous Safari beta despite Apple's warning not to use it in an operational environment, should download and install the latest version as soon as possible. Otherwise, they leave the doors open to anyone wishing to take advantage of these now well-publicised critical security holes.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-733980
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit