This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
US-CERT on Monday warned about a zero-day vulnerability affecting Apple's Safari Web browser.
US-CERT on Monday warned about a zero-day vulnerability affecting Apple's Safari Web browser."By convincing a user to open a specially crafted Web page, an attacker may be able to execute arbitrary code," the government security organization said. "Exploit code for this vulnerability is publicly available."
Security research firm Secunia has offered some additional details in its security advisory.
The vulnerability is "due to an error in the handling of parent windows and can result in a function call using an invalid pointer," the company said.
Secunia rates the vulnerability as "highly critical."
Secunia said it had tested the vulnerability on Safari version 4.0.5 for Windows. It also said that other versions of Safari may be affected.
Attempts to exploit the vulnerability in the wild have not been reported, yet.
Our editors take Apple's new platform through its paces, in the office and on the road. Here are their (differing) assessments of what works well and what doesn't. Download the report here (registration required).
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.