Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Cyber Resilience Zone HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom HP Reinvent Digital Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 NetApp Digital Newsroom The IoT Integrator Intel Tech Provider Zone NetApp Data Fabric WatchGuard Digital Newsroom

Apple Safari Patch Shows Products Not Hacker Proof

Apple released this week a fix for a record 83 vulnerabilities in Safari, nearly 90 percent critical.

The fixes mostly involve the open-source WebKit browser engine at the heart of Safari and Google Chrome. The engine also drives browsers on iOS and Android.

Safari 5.1.4 repaired 72 critical glitches that exposed the browser to multiple attack options, including cross-site scripting, disclosure of cookies and arbitrary code execution. "There are a couple of takeaways from this, the first being that Apple products are 'hacker proof' is a myth," Marcus Carey, security researcher at Rapid7, said in an e-mail.

The second takeaway is the need to manage the use of Apple laptops, tablets and smartphones when connected to a corporate network. "Even just allowing employees to install iTunes on their machines exposes the organization to Safari/WebKit vulnerabilities," Carey said.

While self-interest is an element of security vendor Rapid7's remarks, most experts agree that Apple's Safari and Mac OS X is not any more secure than new versions of Microsoft Internet Explorer and Windows. The latter remains the number one target of hackers because of its much larger installed base and because cyber-criminals have more tools and code available to update malware for new attacks.

The Safari update followed by about a week a patch for 81 security flaws found in iOS, the operating system for the iPhone and iPad. In the Safari fix, Apple benefited from Google's Pwn2Own hacking contest, where several of the latest glitches were discovered this month.

Back to Top

Video

     

    trending stories

    sponsored resources