Safari 3.2 update leaves Mac fanboys' balls in a spin
Print storyApple fails to shoot from hip with latest browser
Posted in Applications, 17th November 2008 12:20 GMT
Join our expert panel in discussing application security
Mac fans have given the latest version of Apple’s Safari browser a frosty reception after complaining that the update is causing frequent crashes.
Apple quietly released Safari 3.2 last week. It comes loaded with improved anti-phishing protection and the latest security updates.
It’s available for download both for Mac OS X and Windows XP or Vista.
Unsurprisingly, many of the security updates built into the latest version of Apple’s browser are specific to the Windows version.
The Cupertino-based company didn’t make a song-and-dance about the release of Safari 3.2, but since it landed last Thursday users who have downloaded the browser have been complaining about it on various Mac forums across the interweb.
Many have made angry posts about the frequency of crashes occurring in Safari 3.2.
“Its happened 3 or 4 times now to me...... spinning beach ball then it quits! Quite annoying,” grumbled richwig83 on the MacNN forum yesterday.
And his experience appears to be typical. Some of the posts imply that the new anti-phishing feature could be causing a big headache in 3.2, while others have suggested that “PithHelmet” ad-blocking software is doing the damage.
Apple, which at time of writing could not be reached for comment, is keeping schtum for now.
“For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available,” it said last Thursday when the firm released the latest version of its browser.
Safari 3.2 comes with an update to Webkit - which is the framework that underpins Apple's browser - that restricts the types of URLs that can be launched through the plug-in interface.
The firm has also stitched together a hole in Safari’s JavaScript handling of array indices to prevent random code execution and it's also fixed a bug with its form field. The browser previously had a flaw in its autocomplete feature, which meant that disabling it didn’t guarantee data wouldn’t be stored. ®
Airport insecurity: the case of lost laptops
Can Outsiders Enhance Exchange?
The business case for application security
Exchange 2007 risks and mitigation strategies
The best practices guide for application security
Google code cloud punts on-demand embarrassment
Microsoft weighs next-phase in open-source support
iTunes minus the player: hack your Apple beats
Oracle plans cloud strategy