Apple plugs 16 holes in Safari as Pwn2Own looms

Two weeks before a browser hacking contest is to kick off in Vancouver, British Columbia, Apple yesterday patched 16 vulnerabilities in Safari, 12 of them critical bugs that could be used to hijack a machine.

Apple updated Safari for both Mac OS X and Windows to version 4.0.5, hardening the browser before it’s tossed into the ring with Microsoft’s Internet Explorer (IE), Mozilla’s Firefox and Google’s Chrome at this year’s Pwn2Own hacking challenge. The contest organizer has predicted that Safari would be the first to fall when researchers battle for $40,000 in prize money beginning March 24 at the CanSecWest security conference.

The last time that Apple refreshed Safari was in November 2009, when version 4.0.4 quashed seven bugs.

According to Apple’s advisory , three-fourths of the vulnerabilities — 12 of the 16 — were labeled with Apple’s “arbitrary code execution” phrase, meaning the flaws are critical and could be exploited to compromise a Mac or a Windows machine. Unlike other vendors, such as Microsoft and Oracle, Apple does not assign a threat ranking to the bugs it discloses.

Nine of the 16 flaws patched Thursday were in the open-source WebKit browser engine that forms the foundation of Safari; six affected only the Windows version, which runs on XP, Vista and Windows 7. Of the half-dozen Windows-only vulnerabilities, four were in the Image IO component, and could be triggered by specially-crafted TIFF or BMG image files when rendered by Safari.

Two of the 16 were reported to Apple by browser rivals. Billy Rios, a browser bug researcher who formerly worked for VeriSign but now is on the Microsoft Vulnerability Research (MSVR) team, was credited with one of the Windows-only flaws; Robert Swiecki of Google found one of the WebKit vulnerabilities.

The WebKit fixes may be timely. Last month, Aaron Portnoy, security research team lead with 3Com TippingPoint, the sponsor of Pwn2Own, bet that Safari would crumble at the contest in part because it’s built “on the notoriously buggy WebKit.”

In both 2008 and 2009, researcher Charlie Miller hacked into a Mac within minutes at Pwn2Own by exploiting an unpatched Safari vulnerability.

Safari 4.0.5 also included stability improvements for unspecified third-party browser plug-ins, performance improvements for the Top Sites feature that shows users domains they visit most often, and fixes for non-security bugs in how the browser handles router settings and works with the iWork suite’s Web-based document sharing site.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.