Wednesday, June 13, 2007

Safari for Windows Beta 3 - Vulnerabilities found in found in mere minutes

Apple corporation released Safari 3.0 beta 3 and works on Windows as well. I downloaded and tested B3 after Frank sent an email of this release. Just cruising the web i found already 10s of vulnerabilities in this browser by far. This was further confirmed by an email i received just hours after downloading Safari 3.0 Public Beta. One researcher apparently could perform a BO using a standard fuzzer in mere minutes from Apple's release!

Hmm, this makes we wonder if these products from not-so-adopted platforms and companies are put to the masses (making it available on Window for example) get to taste reality and i question the fundementals of vulnerabilities disclosure numbers.

So the question is: Is having lesser vulnerability disclosures eludes us to believe it is more secure or it is not exposed enough to know for sure?

Explanation: Just say with a Mac, there's only 10 people using it out of 1000 and 990 are using Windows. It can be safely assumed that a majoriy vulnerabilities may be exposed on Windows as opposed to a Mac. Now take a Mac application that runs on Windows, now the exposure number is no longer 10, but 1000 (10 + 990)...

Safari for Windows:

Wonder when Google's gonna' punch something out...?
Post a Comment