Universal Safari vulnerability also discovered?

Jun 13, 2007 10:47 GMT

The Windows version of Safari was greeted with open arms by security researchers, who then proceeded to submit it to various experiments and pound it with strangely shaped tools. The conclusion: the Windows version of Safari is far from bug and vulnerability free.

Apple released a beta version of Safari 3 to the general public for testing, and security researchers took to it and tested it. Besides being quite prone to a multitude of bugs and crashes, it was found to contain a relatively large number of vulnerabilities. Security researcher Thor Larholm has uncovered a URL protocol handler command injection vulnerability that creates a means to inject hostile code onto Windows systems running beta versions of the browser software. "I now have a fully functional command execution vulnerability, triggered without user interaction simply by visiting a website," Larholm writes.

Researcher Aviv Raff found a vulnerability, a memory corruption error that could allow an attacker to insert malicious code on a Windows machine, within three minutes using publicly available fuzzing tools. Last but not least by any means, David Maynor claims to have found no fewer than six vulnerabilities, one of which also works on the current official version of Safari.

Not surprisingly, Maynor, in keeping with his disclosure policy, will not report the bug to Apple. According to him, "the exploit is robust mostly thanks to the lack of any kind of advanced security features in OSX." Much like in the case of the Wi-Fi exploit, next to no information about these bugs is known, other than the fact that they exist. Unlike the vulnerabilities discovered by the other researchers, Maynor's would be far more important, since it affects all versions of Safari, both on Windows and on OS X. But if the vulnerability is also present in the OS X version, which has been around for literally ages, and it is as simple to find as Maynor makes it out to be, why was it neither found nor exploited before?