Wow that was fast!
Apple released a beta of their Safari browser last night to run on Windows and a few short hours later, vulnerabilities which allow remote code execution have been published already!
It looks like Safari for Windows was released a little early. Whatever about the small functionality bug I found, the ability to run code remotely on your Windows machine is a critical vulnerability. Don’t use Safari on a Windows machine until these exploits have been fixed.
Hard to know where the blame lies for this – Thor Larholm blames Apple’s ignorance of Windows:
On the OS X platform Apple has enjoyed the same luxury and the same curse as Internet Explorer has had on the Windows platform, namely intimate operating system knowledge. The integration with the originally intended operating system is tightly defined, but the breadth of knowledge is crippled when the software is released on other systems and mistakes and mishaps occur.
While some commenters on his site blame Microsoft:
I don’t know, the way you described it seems more like a hole in the way Windows handles things than a Safari hole. Does a Windows API call launch a shell process, or does Safari manually go and run a command line program? If it’s the Windows API for URL handling, then it’s clearly broken. Every program that needs to grab a URL should not be responsible for patching holes in Windows.
I’m surprised to say the least, but it would make more logical sense for it to be Windows but it would be hard to know I suppose.
Any official reaction to this form either camp, as to be honest it looks good for neither of them.
From a developers perspective there is a reason it is beta software. Most folk should wait for the RTM.
I was cursing Safari for another reason – yes it looks great, but on my XP machine it’s very very slow. And that’s before it tries to download quicktime and iTunes, neither of which I want.
Yes it’s beta software, buy why is Apple claiming that it’s 2 times faster (than any other browser) on it’s website?
Paul
Unless you’re a developer for the iphone…http://thenewsroom.com/details/394435?c_id=wom-bc-js
I am trying to run two Safari processes i.e. safari.exe separately. However, it seems that if one Safari.exe is already running, for every new Safari process that you attempt to start, only one Safari.exe is shown. There is also no option to create profiles like Firefox. My 2 cents.