Bad Apples

Apple Safari Flaw Found, Fixed Six Months Later

Zero Day Initiative disclosed today the existence of a bug in the Safari browser which could allow an attacker to execute arbitrary code on vulnerable systems, if the user visits a malicious webpage containing malicious Javascript. A fix has been published by Apple at the same time as the advisory was released.

The bug was more than six months old, having been found in November 2008. Proving that Apple customers were not impacted in any way by the bug in the meantime is left as an exercise to the reader.

About the author


Razvan Stoica is a journalist turned teacher turned publicist and
technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Razvan Stoica started off writing for a science monthly and was the chief
editor of a science fiction magazine for a short while before moving on to
the University of Medicine in Bucharest where he lectured on the English
language. Recruited by Bitdefender in 2004 to add zest to the company's
online presence, he has fulfilled a bevy of roles within the company since.

In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.