homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

Apple Safari, critical code bug
Watch out for pop ups

 4:17 am on May 11, 2010 (gmt 0)

The latest version of Apple's Safari browser contains a critical bug that allows attackers to install malware on end user machines, security researchers have warned.

The flaw in the way Safari handles parent windows can be exploited "to execute arbitrary code when a user visits a specially-crafted webpage and closes opened pop-up windows," vulnerability tracking service Secunia warned here.

The vulnerability could also be exploited using booby-trapped email that's read using Safari, the US Computer Emergency Readiness Team said on Monday. It has been confirmed in version 4.0.5 for Windows, and the latest Mac version may also be affected.




 9:27 am on May 11, 2010 (gmt 0)

Why does email need to be read using a browser with Javascript enabled?

Why, for that matter, does reading email require a heavyweight rendering engine? There are plenty of light embeddable ones that would be harder to exploit.


 4:03 pm on May 11, 2010 (gmt 0)

The popularity of webbased email makes it an ideal avenue for malware attacks... hence using a browser to read email. I do agree that JS, for the most part, should be deactivated at all times... activated only on a case by case basis.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved