Apple Safari 5 patches record 48 bugs
Wednesday, June 9, 2010 8:15Apple on Monday shipped the latest version of its Safari browser, patching a record 48 vulnerabilities, including one that a pair of hackers exploited in March to win a $15,000 prize.
The new browser debuted the same day as Apple unveiled the iPhone 4 at its annual Worldwide Developers Conference.
[ Check out the video of the iPhone 4's debut at WWDC. | The Web browser is your portal to the world -- as well as the conduit that lets in many security threats. InfoWorld's expert contributors show you how to secure your Web browsers in this "Web Browser Security Deep Dive" PDF guide. ]
Safari 5, the first major upgrade to the Mac OS X and Windows browser in a year, fixed four dozen flaws, most of them in WebKit, the open-source engine that powers not only Apple’s browser but also Google’s Chrome. Apple also updated the previous edition to version 4.1 on Monday.
Among the 48 vulnerabilities was the one used by the two-man team of Vincenzo Iozzo and Ralf-Philipp Weinmann to hack an Apple iPhone 3GS in five minutes at the Pwn2Own contest last March, said Aaron Portnoy, security research team lead with HP TippingPoint. TippingPoint’s ‘s Zero Day Initiative (ZDI) bug-bounty program paid the two researcher $15,000 — a record amount for the four-year-old Pwn2Own — for the Safari bug and exploit they used to break into the iPhone.
The Iozzo/Weinmann vulnerability was in WebKit, which is also the foundation of the stripped-down Safari browser Apple builds into the iPhone, iPod Touch and iPad.
Although Apple patched the bug in Safari 5 and 4.1 for Mac and Windows this week, it has not yet addressed the issue in its mobile devices. Presumably, Apple will do that with iOS4, the operating system upgrade slated to launch for the iPhone and iPod Touch June 21, and later this year for the iPad.
Portnoy said he was sure Apple would patch the vulnerability in the iPhone — after all, that’s where Iozzo and Weinmann exploited it for their Pwn2Own victory — but admitted he had no idea when it would do so. “Apple is pretty secretive,” said Portnoy.
Apple also dealt with a Windows-only bug that Polish researcher Krystian Kloskowski revealed a month ago. That vulnerability could be exploited by attackers simply by tricking users into visiting a malicious Web site.
