• This forum is for posting news stories or links from rumor sites. When you start a thread, please include a link to the site you're referencing.

    THIS IS NOT A FORUM TO ASK "WHAT IF?" TYPE QUESTIONS.

    THIS IS NOT A FORUM FOR ASKING QUESTIONS ABOUT HOW TO USE YOUR MAC OR SOFTWARE.

    This is a NEWS and RUMORS forum as the name implies. If your thread is neither of those things, then please find the appropriate forum to ask your question.

    If you don't have a link to a news story, do not post the thread here.

    If you don't follow these rules, then your post may be deleted.

Safari 5.0.4 Released

Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
AppleInsider | Apple releases Safari 5.0.4 with improved stability for plug-ins

Safari 5.0.4 was released by Apple on Wednesday, packing a number of bug fixes, compatibility improvements, and improved stability for websites with multiple instances of plug-in content.

Safari 5.0.4 is available on Mac OS X via Software Update. The 39.3MB download contains improvements to stability, compatibility, accessibility and security. Changes in the update, according to Apple, include:

- Improved stability for webpages with multiple instances of plug-in content
- Improved compatibility with webpages with image reflections and transition effects
- A fix for an issue that could cause some webpages to print with incorrect layouts
- A fix for an issue that could cause content to display incorrectly on webpages with plug-ins
- A fix for an issue that could cause a Screen Saver to appear while video is playing in Safari
- Improved compatibility with VoiceOver on webpages with text input areas and lists with selectable items
-Improved stability when using VoiceOver
 
Joined
Oct 22, 2010
Messages
2,571
Reaction score
79
Points
48
Location
Bretforton, Worcestershire
Your Mac's Specs
MacBook Pro 15" 2014, 2.2GHz i7, 16GB RAM, 250GB SSD, OSX 10.9.5 - iPhone 5s 16gb
Cheers for the heads up schweb

- Simon
 
Joined
Feb 23, 2011
Messages
301
Reaction score
4
Points
18
Location
Columbia SC
Thanks for the update!

You are on top of the ball with these things.
 
Joined
Oct 13, 2009
Messages
357
Reaction score
5
Points
18
Your Mac's Specs
25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
And Safari 5.0.4 was hacked by the first hacker to try their luck at Pwn2Own
 
OP
schweb
Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
And Safari 5.0.4 was hacked by the first hacker to try their luck at Pwn2Own

Through a completely unrealistic scenario that would not actually happen in the real world, so the point?
 
Joined
Oct 13, 2009
Messages
357
Reaction score
5
Points
18
Your Mac's Specs
25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
The point is that I just read that fact on Macworld Daily and it dovetailed with your post. Nothing more sinister than that
 
OP
schweb
Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
The point is that I just read that fact on Macworld Daily and it dovetailed with your post. Nothing more sinister than that

Um, ok... :\
 
Joined
Jul 3, 2007
Messages
849
Reaction score
14
Points
18
Your Mac's Specs
iMac Core i5(3.6 GHz) 8 GB RAM, MBP C2Duo(2.4 GHz) 4 GB RAM, MB C2Duo(2.4 GHz) 2 GB RAM
Actually, Safari 5.0.3 was hacked. It's not clear if the same exploit would work in 5.0.4.
 
Joined
Oct 13, 2009
Messages
357
Reaction score
5
Points
18
Your Mac's Specs
25" iMac 3.06 GHz Intel Core 2 Duo iPhone 4
No, it was 5.0.4 that was hacked. From Macworld Daily:
"Earlier Wednesday, Apple updated version 5.0.4 fixing 62 vulnerabilities. But Vupen was still able to break the browser".
 
Joined
Sep 19, 2010
Messages
191
Reaction score
3
Points
18
Location
Minnesota
Your Mac's Specs
3.4ghz quad core ati 5850 graphics card 4GB ddr3 ram
Through a completely unrealistic scenario that would not actually happen in the real world, so the point?

5 seconds.. I think the hacked version was 5.03 though, so hopefully this one is a bit more secure.
 
Joined
Jan 19, 2008
Messages
4,695
Reaction score
73
Points
48
Location
houston texas
Your Mac's Specs
09 MBP 8GB ram 500GB HD OS 10.9 32B iPad 4 32GB iPhone 5 iOs7 2TB TC Apple TV3
Don't they do this every year and to date it means nothing to the user in the wild.
 
OP
schweb
Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
Don't they do this every year and to date it means nothing to the user in the wild.

Exactly, show me an actual case of a user on a Mac getting hacked through Safari..... *crickets* :p
 
Joined
Sep 19, 2010
Messages
191
Reaction score
3
Points
18
Location
Minnesota
Your Mac's Specs
3.4ghz quad core ati 5850 graphics card 4GB ddr3 ram
Exactly, show me an actual case of a user on a Mac getting hacked through Safari..... *crickets* :p
there are none because nobody lives to tell!
serious note though, dont have a live documented case, but these sources prove that if somebody wants to do it, they can go ahead and do it pretty quickly.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
The point really shouldn't be that it hasn't been done. The very fact that it can be done and with what appeared to be relative ease should be a concern. Although there may be no instances of it occurring in the wild, the fact that it can be done so quickly needs to be the focus. It would be remiss to think that the hackers at CanSecWest are the only ones who could do this.

NOTE: I'm not trying to bash Safari in any way (I have nothing against Safari). I'd say the same thing if it was any other browser.
 
OP
schweb
Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
But they way the hacked it is not likely to be possible in a real-world scenario. That's the problem with that event.

Yes it's concerning that there's a security issue, but I'm not concerned about the way it was exploited.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
I don't understand browser security so you'll have to excuse me if this sounds obtuse or ill-informed. From what I can gather though, the exploit can be utilized simply by visiting a page (see here).

Regardless, I stand by my general principle concerning browsing: the best prevention is intelligent browsing. Stay away from the shady parts of the internet and the existence of browser holes become less of an issue.
 

iWhat

,
Joined
Nov 11, 2004
Messages
5,736
Reaction score
164
Points
63
Location
Toledo, Ohio
Your Mac's Specs
Macbook, iMac G5, iPad, iPhone 4, iPod (MANY)!
I always laugh at these security test line-ups. Like the PCs v. Mac v. Linux hijack contest, where the Mac was hacked first. The only reason the Mac OS X lost, they allowed on the second day of the contest for human error to allow an exploit. The first day, they couldn't hijack any of the computers.

MacBook Air Hijacked at CanSecWest Hacker Contest - Security - News & Reviews - eWeek.com

This browser security contest is basically no different.
 
Joined
Oct 10, 2004
Messages
10,345
Reaction score
597
Points
113
Location
Margaritaville
Your Mac's Specs
3.4 Ghz i7 MacBook Pro (2015), iPad Pro (2014), iPhone Xs Max. Apple TV 4K
The point really shouldn't be that it hasn't been done. The very fact that it can be done and with what appeared to be relative ease should be a concern. Although there may be no instances of it occurring in the wild, the fact that it can be done so quickly needs to be the focus. It would be remiss to think that the hackers at CanSecWest are the only ones who could do this.

NOTE: I'm not trying to bash Safari in any way (I have nothing against Safari). I'd say the same thing if it was any other browser.

That's like saying just becauseI could run someone down with my car I should have my head examined before I'm allowed to get a license. Just because something can be done doesn't mean it will be done.

Frankly, all of this means exactly zero to actual users, except for those who prefer to be paranoid and assume there is some nasty hiding at every turn.

Regardless, I stand by my general principle concerning browsing: the best prevention is intelligent browsing. Stay away from the shady parts of the internet and the existence of browser holes become less of an issue.

While I agree with the first part of that statement, I disagree with the second part. I visit the "shady part of the web" on a regular basis. Aside from the one known Trojan that I knew not to fall for (I did download the code though) I've yet to have an issue. Being smart is one thing, being paranoid is very different.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
That's like saying just becauseI could run someone down with my car I should have my head examined before I'm allowed to get a license. Just because something can be done doesn't mean it will be done.
But there's nothing to stop you from doing it if you so choose. Just like there's nothing to stop someone with malicious intent from designing a page that makes use of a browser exploit. My point was that the potential is there and it would be ignorant to equate "hasn't happened" with "won't happen."

While I agree with the first part of that statement, I disagree with the second part. I visit the "shady part of the web" on a regular basis. Aside from the one known Trojan that I knew not to fall for (I did download the code though) I've yet to have an issue. Being smart is one thing, being paranoid is very different.
That comment was directed more at individuals who aren't as comfortable or knowledgable about computers as we might be. Even though that's the case, I don't think it's fair to categorize my comments as paranoia. There's a difference between being paranoid and being intelligent. Choosing not to walk through a known rough neighbourhood isn't being paranoid, it's being smart. Just like choosing not to visit pages that could be destructive isn't paranoid, it's being smart.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top