14 DAY TRIAL // It looks like Apple isn't off the hook yet, as far as self-aware Safari is concerned. Last month, Apple's standard browser for Leopard and iPhone users has made its way onto Windows-running computers through the same program Apple uses to issue updates for iTunes and QuickTime users, Apple Software Update. Reportedly, big company administrators are now complaining that their PC operators have installed Safari believing they were updating an existing piece of software on their PCs. What used to just a "wrong" move on behalf of the Cupertino-based corporation has now turned into a security issue.
Cody Wilson, a network administrator with Soy Capital Bank and Trust in Decatur, Illinois, noticed that Safari had popped up as a download option with his Apple Software Update, a few weeks ago. As mentioned above, the program is used by Apple to issue updates for people using iTunes and QuickTime on their Windows PCs.
"This is not good; this is a security risk," he said. "We're a bank." Wilson said it has taken him more than half a week to get rid of Safari from his network and prevent this from ever happening again.
Emin, a poster to the Patchmanagement discussion list, wrote the following, according to Macworld: "What's the difference between a malware spreading across a corporate environment and a nagging system tray icon that installs another insecure default browser."
The same source also points out to an e-mail interview with Susan Bradley who agrees that Apple's sneaky update has been giving network administrators a lot of headaches: "It impacts all of us when more potential attack surface is installed in a group of folks that are vulnerable enough as it is," said Susan Bradley, chief technology officer with Tamiyasu, Smith, Horn and Braun, Accountancy Corp.
Oh, Apple. Now you've gone and done it...!