Where's our Mac Version?Oh that's right, we use OSX--)))))
OK, DaBrain! I've now punched a hole in my brand new MBP screen, trying to kill that bug crawling around where your avatar should be! (the first bug I've seen on Mac OS X!)
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Addresses Security Issue in Safari 3.1.2 for Windows
- Thread starter MacRumors
- Start date
- Sort by reaction score
OK, DaBrain! I've now punched a hole in my brand new MBP screen, trying to kill that bug crawling around where your avatar should be! (the first bug I've seen on Mac OS X!)
That statement is kind of interesting in this thread, since Apple has now plugged the hole in Safari that was announce roughly 1 month ago, but in the meantime, if we look at the other half of this "blended threat", that's a flaw in Windows which was a year old when the Safari half was announced a month ago, which is still not plugged.
Thus, the track record for the two halves of this flaw are:
Apple: plugged in 1 month
Microsoft: not plugged after 13 months (and counting).
Whoo Hoo Microsoft! Rah, rah ...huh?
-hh
I would like to see too, why does the guy I quoted think so? and is he that unique in thinking so?
I called it mis-conception by intentionally vague statement. I know, I know, every company is doing it. But that doesn't make it right, and if its wrong, at least I put out the facts, if some people already know the facts, thats fine too. Just a way of stop lies, by apple, or by whoever got misconception from anywhere.
haha, if you think invention is to give a name. or just write part of the code, good for you! what is "invent" anyway, in your mind?
"ONLY" underlying layers, sounds like not important at all, how about remove em!
can you describe again what flaw of windows is, in that "half" you talked about?
Still, you provide absolutely no proof that Apple has made these claims that you say are lies. Nice strawman argument there.
well, let me refer this question to the guy I quoted:
Please tell me why do you think apple invented CUPS?
Active Dierctory etc
Hi,
Firstly I work as an IT manager, and for my home use a Mac Pro and Mac Mini for all home stuff. Far more reliable for what I need to do in my personal life, and suits all my needs.
But for business, well that different. My whole back bone is based upon windows 2003 server, for Active Directory, Terminal Server, RIS (Does Osx have this, I really dont know), File Server,
Sharepoint you name it. Whilst Osx clients are all good, Windows server is what keeps the business running. And to be fair, I've yet to have any server crash through software errors (ok, maybe TS with Printer driver), but server 2003 is rock solid.
But what is interesting is that we are replacing all Windows push mail devices with Iphone, when its released with exchange support. This is a far superior solution to our current mobile 5/6 stuff. Now if Apple aere going to break into the windows market, this will be the 1st step. Maybe more will follow, we'll have to wait and see guys.
Don't get me wrong, I love OSX but for business I think windows is king for now.
Hi,
Firstly I work as an IT manager, and for my home use a Mac Pro and Mac Mini for all home stuff. Far more reliable for what I need to do in my personal life, and suits all my needs.
But for business, well that different. My whole back bone is based upon windows 2003 server, for Active Directory, Terminal Server, RIS (Does Osx have this, I really dont know), File Server,
Sharepoint you name it. Whilst Osx clients are all good, Windows server is what keeps the business running. And to be fair, I've yet to have any server crash through software errors (ok, maybe TS with Printer driver), but server 2003 is rock solid.
But what is interesting is that we are replacing all Windows push mail devices with Iphone, when its released with exchange support. This is a far superior solution to our current mobile 5/6 stuff. Now if Apple aere going to break into the windows market, this will be the 1st step. Maybe more will follow, we'll have to wait and see guys.
Don't get me wrong, I love OSX but for business I think windows is king for now.
Don't know if it's been posted but anyway; new things in Safari 3.1.2 for Windows.
When going to download a file safari asks if you want save, open or cancel.
You can now save a file to a folder before downloading without having to go to Preferences.
When going to download a file safari asks if you want save, open or cancel.
You can now save a file to a folder before downloading without having to go to Preferences.
well, these should be available for OSX version as well. Is there a 3.1.2 for OSX on the way then?
That still doesn't answer why you think Apple claims they invented Webkit or Safari, Multi-touch, OS X, or LLVM.
did you not read my word of "mis-conception by vague statement and give people misleading information"?
I THINK apple "intentionally made vague statement and give people false impression and information". did I say apple outright "lie in their statements"? did I?
actually, it did outright lie in some cases, just not in this specific case and not in the list i mentioned above.
And still you fail to provide any evidence of these statements. Where and/or when did Apple say any of these things you claim? Maybe a link or something you can provide? I could just as easily say that "you claim you invented Firefox; which is false: Hyatt/Ross did" but without any proof that you ever made such a claim, refuting something that never happened seem disingenuous.did you not read my word of "mis-conception by vague statement and give people misleading information"?
I THINK apple "intentionally made vague statement and give people false impression and information". did I say apple outright "lie in their statements"? did I?
actually, it did outright lie in some cases, just not in this specific case and not in the list i mentioned above.
The flaw in windows IE as requested by Clevin.
Have a read of this. It may enlighten you.
http://liudieyu0.blog124.fc2.com/blog-entry-1.html
A quick excerpt:
"Aviv Raff posted on his blog "Safari pwns Internet Explorer", clarifying "this combined attack also exploits an old vulnerability in Internet Explorer that I've already reported to them a long long time ago"."
Another:
"The old vulnerability that Aviv Raff reported to Microsoft long time ago is described in two articles by Aviv Raff: IE7 DLL-load hijacking Code Execution Exploit PoC, and Internet Explorer 7 - Still Spyware Writers Heaven, both dating back to 2006(yeah that's really "a long long time ago"). This vulnerability lies in Windows Internet Explorer loading program library files(DLL) from user's Desktop instead of its own library file folder(usually C:\WINDOWS\SYSTEM32), when filenames are set to some specific values."
And finally:
"Safari for Windows downloads files to Desktop by default with no confirmation - which is a quite reasonable and convenient feature."
So Apple just patched a feature, whilst a potentially dangerous bug still resides in IE. Go figure.
Have a read of this. It may enlighten you.
http://liudieyu0.blog124.fc2.com/blog-entry-1.html
A quick excerpt:
"Aviv Raff posted on his blog "Safari pwns Internet Explorer", clarifying "this combined attack also exploits an old vulnerability in Internet Explorer that I've already reported to them a long long time ago"."
Another:
"The old vulnerability that Aviv Raff reported to Microsoft long time ago is described in two articles by Aviv Raff: IE7 DLL-load hijacking Code Execution Exploit PoC, and Internet Explorer 7 - Still Spyware Writers Heaven, both dating back to 2006(yeah that's really "a long long time ago"). This vulnerability lies in Windows Internet Explorer loading program library files(DLL) from user's Desktop instead of its own library file folder(usually C:\WINDOWS\SYSTEM32), when filenames are set to some specific values."
And finally:
"Safari for Windows downloads files to Desktop by default with no confirmation - which is a quite reasonable and convenient feature."
So Apple just patched a feature, whilst a potentially dangerous bug still resides in IE. Go figure.
Try to integrate an office with OS9 & OS10 without Dave to let you on a windows server. Try executing a SQL command outside of FileMaker.
Can't be done even with the last Apple Server Upgrade.
To be competive TODAY not next year you must run 3rd party apps & pay for them for each seat.
Just like Vista not every business can upgrade to OSX. And don't even get me started on Fonts. People from Windows don't know the trouble with TrueType for commercial printers.
Still much to learn for Apple & creating new standards isn't the answer for Big Busines.
No it doesn't - it also extends GPOs to Unix and OS X machines. You don't need any extensions to log onto an Active Directory system: It's supported out of the box in OS X
There will always be companies with special needs that aren't adequately met by Windows or OSX or Linux..... there's no such thing as a "one size fits all" solution for every situation. However, nothing you've mentioned changes the fact that "I've been, among other things, a database consultant for more than 10 years and I have no trouble working day-to-day on a Mac. It does everything a Windows PC can do... and more."
First, I take your point that there is a vulnerability within windows, that related to this event.
I never think excerpt is a comprehensive way of saying things, sometimes its even misleading. lets see
Mr. raff also said
a feature? maybe one person think its a feature, thats fine, but Mr. Raff, which you quoted repeatedly think its the ROOT of a problem and think its a Vulnerability. Which I tend to agree.
Apple patched a feature? not in my regard.
Also, Mr. Raff said
He didn't "bother" contacting apple, and his advice was "took" by microsoft. Do you sense the comparison here?
I do have the sense that apple is gradually realizing the security problem and is putting more attention on it. This is always a very good thing.