Author Topic: Safari 3.1 For Windows Vulnerable To Hacks  (Read 14601 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #15 on: March 29, 2008, 01:07:57 PM »
That's probably where I noticed it. Getting old, I'm afraid. Memory going...
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Hard_ROCKER

  • Guest

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #17 on: March 29, 2008, 02:55:41 PM »
Flash vulnerability on Vista.  ::)
« Last Edit: March 29, 2008, 03:08:26 PM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #18 on: March 29, 2008, 03:39:32 PM »
Quote
Quote from: bob3160 on Yesterday at 04:50:20 PM
All this really proves is that there is no such thing as 100% safe anything.

It's still up to the user which computer to buy and what software to run.
Sooner or later, even the best of us will get caught by a new malware infection. Cry
Keep your guard up and your back-ups handy. Grin

Quote
I seem to remember you saying the same thing back in '06, Bob, when all those holes were appearing in IE6.
Frank,
I didn't notice any hackers going on vacation since 06 ???  ;D

If anything, the amount of attacks against all systems have increased since 06 making increased security
even more vital today than ever before.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #19 on: March 29, 2008, 04:44:58 PM »
Quote
Sooner or later, even the best of us will get caught by a new malware infection.

Quote
I didn't notice any hackers going on vacation since 06

I think you missed my point, which was that I'm still waiting to get caught as you promised. The increasing number of attacks just makes me further doubt the notion that 'there is no such thing as 100% safe anything,' and that browsers are much of a muchness when it comes to security.

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #20 on: March 29, 2008, 07:17:08 PM »
Quote
Using a zero-day vulnerability in Adobe's ubiquitous Flash Player, hacker Shane Macaulay hacked into a Windows Vista laptop to win a $5,000 cash prize at this year's CanSecWest Pwn2Own challenge.

Macaulay, who uses the "K2" hacker moniker, also won the Fujitsu U810 laptop running Windows Vista Ultimate SP1 that he hijacked with the exploit.

According to sources at the conference, the Adobe Flash vulnerability is "cross-platform."

Details of the vulnerability and the attack vector are now the property of TippingPoint's ZDI (Zero Day Initiative), the sponsor of the CanSecWest Pwn2Own challenge. Officials from ZDI have confirmed the unpatched nature of the flaw and are coordinating the disclosure process with Adobe.

Earlier in the week, security researcher Charlie Miller hijacked Apple's MacBook Air with a drive-by exploit against the Safari browser. That exploit carried a $10,000 cash prize, plus the hacked laptop.

A Sony VAIO VGN-TZ37CN machine running Ubuntu 7.10 "Gutsy Gibbon" was the only laptop left standing after the three-day challenge.

http://securitywatch.eweek.com/exploits_and_attacks/vista_hacked_with_adobe_flash_vulnerability.html
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #21 on: March 29, 2008, 08:29:44 PM »
Quote
I think you missed my point, which was that I'm still waiting to get caught as you promised.
My promise was "Sooner or Later"  I never set a time frame on "Later:) :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #22 on: March 29, 2008, 11:28:33 PM »
Hi bob3160,

Returning to the vulnerabilities at hand: http://secunia.com/advisories/29483/
Also a link there to check for unauthorized installations of Safari..

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

neal62

  • Guest
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #23 on: March 30, 2008, 07:41:17 AM »
I downloaded Safari 3.1. to try it out. I must say that my flock browser on my machine is still faster and offers more and is smaller in footprint.  ;D

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #24 on: March 30, 2008, 07:56:19 PM »
You probably wouldn't see these vulnerabilities in Safari 3.1 on a mac, It's probably the same thing as running IE7 on windows XP versus Vista. IE7 is much safer on Vista than it is on XP ( this is suppose to change in XP sp3).
« Last Edit: March 30, 2008, 08:08:07 PM by marc57 »
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #25 on: March 30, 2008, 11:08:35 PM »
Quote
You probably wouldn't see these vulnerabilities in Safari 3.1 on a mac
Probably not but it's an underhanded way for Apple to again make Microsoft look bad.  :o
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #26 on: March 30, 2008, 11:44:27 PM »
Quote
You probably wouldn't see these vulnerabilities in Safari 3.1 on a mac
Probably not but it's an underhanded way for Apple to again make Microsoft look bad.  :o

Or if the flaw does not exist on the Mac side maybe its windows that is the problem  ::)
"People who are really serious about software should make their own hardware." - Alan Kay

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #27 on: April 01, 2008, 06:08:25 PM »
Flash vulnerability on Vista.  ::)

Yep, but if you read this: http://blogs.zdnet.com/security/?p=993&tag=nl.e539

It seems that the flash vulnerability could have taken down any of the three.

"The flaw is in something else, but the inherent nature of Java allowed us to get around the protections that Microsoft had in place,” he (Macaulay) said in an interview shortly after he claimed his prize Friday. “This could affect Linux or Mac OS X.”

Macaulay said he chose to work on Vista because he had done contract work for Microsoft in the past and was more familiar with its products.

Aha, so there is your story right there, this flaw could’ve worked on any of the systems; however, the contest rules state that the same exploit can only be used to compromise one machine (see rule #2 from the cansecwest.com web page which states “You can’t use the same vulnerability to claim more than one box, if it is a cross-platform issue.”), and Macaulay used Vista because it was what he was more familiar with."


Update, Sorry for posting this, I missed Franks post on the same thing.
« Last Edit: April 01, 2008, 06:25:01 PM by marc57 »
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #28 on: April 01, 2008, 06:37:59 PM »
Same thing can be said for hacked Mac... they used Safari, and if it can be hacked on Apple, there is no reason not to be able to hack it on any Windows machine, it is even more vulnerable on Windows than on OS X. It is a software issue, not hardware issue at all.
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Safari 3.1 For Windows Vulnerable To Hacks
« Reply #29 on: April 02, 2008, 01:57:41 AM »
Quote
it is even more vulnerable on Windows than on OS X
It is equally vulnerable on any system that's using Safari 3.1
The vulnerability exists in the browser.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet