
Posts Tagged ‘Safari’

Apple releases security update for Safari

by: Chris Hudson
12 August, 2009

Apple have released v4.0.3 of their web browser, Safari, largely to address a number of security issues affecting it on Vista, Windows XP and Mac OS X.

This Safari 4.0.3 update is available through Apple’s Software Update system, or as a download for Mac OS X 10.4.11, 10.5.7 and 10.5.8, Mac OS X Server 10.4.11, 10.5.7 and 10.5.8, and Windows XP and Vista.

The update focuses on six problems, some of them critical. These include buffer overflows on XP and Vista that can cause crashes or arbitrary code execution, and a buffer overflow in WebKit that affects both Windows and Mac and again could lead to crashes or even malicious code execution.

The update also stops malicious websites from being promoted into Safari’s Top Sites page, fixes the disclosure of sensitive information and the launching of file URLs, and corrects the handling of look-alike characters in domain names.

This final problem is also known as a homograph spoofing attack, where phishers replace a Latin character in a URL with one from, say, the Cyrillic alphabet that looks visually similar to the Latin character but is treated by a browser as an entirely different character. This enables phishers to register domain names that look similar to familiar brand names.
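As an added illustration (not code from Apple's fix or from the original post), the check below flags hostnames whose labels mix Latin and Cyrillic letters, or which turn into a watched domain once Cyrillic look-alikes are folded to Latin. The function names, the watch list and the look-alike table are assumptions made for this example, and the hostname is assumed to be in its displayed Unicode form (any `xn--` label already decoded).

```javascript
// Added example. Partial, hand-picked map of Cyrillic letters that render like
// Latin ones; a production check would use the full Unicode confusables data.
const CYRILLIC_LOOKALIKES = {
  '\u0430': 'a', '\u0435': 'e', '\u043e': 'o', '\u0440': 'p', '\u0441': 'c',
  '\u0445': 'x', '\u0443': 'y', '\u0456': 'i', '\u0455': 's', '\u0458': 'j',
};

// Scripts used by the letters of one label (digits and hyphens are ignored).
function scriptsOf(label) {
  const found = new Set();
  for (const ch of label) {
    if (!/\p{L}/u.test(ch)) continue;
    if (/\p{Script=Latin}/u.test(ch)) found.add('Latin');
    else if (/\p{Script=Cyrillic}/u.test(ch)) found.add('Cyrillic');
    else found.add('Other');
  }
  return [...found].sort();
}

// Replace each known look-alike with the Latin letter it imitates.
function skeleton(hostname) {
  return [...hostname].map(ch => CYRILLIC_LOOKALIKES[ch] || ch).join('');
}

// Compare a displayed (Unicode) hostname against a watch list of real domains.
function checkHostname(hostname, watchList) {
  const host = hostname.normalize('NFC').toLowerCase();
  // A single label written in more than one script is the classic homograph.
  const mixedLabels = host.split('.').filter(l => scriptsOf(l).length > 1);
  // A label written wholly in Cyrillic is only reported if it folds to a watched name.
  const folded = skeleton(host);
  const imitates = folded !== host && watchList.includes(folded) ? folded : null;
  const suspicious = mixedLabels.length > 0 || imitates !== null;
  return { host, mixedLabels, imitates, suspicious };
}

// Constructed sample input: names 2 and 3 contain Cyrillic look-alikes,
// name 4 is an ordinary all-Cyrillic label that imitates nothing.
const WATCH_LIST = ['example.com', 'scope.example'];
const SAMPLES = ['example.com', 'ex\u0430mple.com',
  '\u0455\u0441\u043e\u0440\u0435.example',
  '\u043f\u0440\u0438\u043c\u0435\u0440.example'];
for (const s of SAMPLES) console.log(JSON.stringify(checkHostname(s, WATCH_LIST)));
```

The third sample shows why a mixed-script test alone is not enough: every letter of its first label is Cyrillic, so only the fold-and-compare step catches it.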

Critical vulnerability discovered in Firefox 3.5

by: Chris Hudson
15 July, 2009

Mozilla has announced a critical vulnerability in the newly released Firefox 3.5.

It is possible that other versions of Firefox also have this vulnerability, which allows others to exploit a user’s computer by executing code on it.

The Firefox 3.5 vulnerability arises through a bug in the Just-in-time (JIT) JavaScript compiler: a JavaScript code-handling error causes memory corruption when faced with certain HTML tags.

To reduce the risk of exploitation it is advised that you disable the JIT for now. Here’s how:

  • Enter about:config in the browser’s location bar.
  • Type jit in the Filter box at the top of the config editor.
  • Double-click the line containing javascript.options.jit.content, setting the value to false.

(Or you could use Safari…)

Anyway, as this will cause performance loss, once a bugfix is released you should switch the JIT back on as follows:

  • Enter about:config in the browser’s location bar.
  • Type jit in the Filter box at the top of the config editor.
  • Double-click the line containing javascript.options.jit.content, setting the value to true.

UPDATE: 09:45hrs 17th July 2009: This critical vulnerability has now been fixed with the release of Firefox 3.5.1