MacRumors

macrumors bot
Original poster
Apr 12, 2001
54,229
16,040
https://www.macrumors.com/images/macrumorsthreadlogodarkd.png

Apple has released an update to its Safari browser, Beta 3.0.2 for Mac and PC via its website and Software Update.

Changes in Safari 3.0.2 for Windows beta:
- Latest security updates
- Improved stability
- Fixes for text display, non-English systems, and start-up times

Changes in Safari 3.0.2 for Mac OS X beta:
-Latest security updates
-Improved stability
-Improved WebKit support for Mail, iChat and Dashboard

Also released today is Security Update 2007-006 for Mac OS 10.3.9 and Mac OS 10.4.9 and later. The update addresses two vulnerabilities in WebKit, one of which could lead to an unexpected application termination or arbitrary code execution. More information on the update can be found here.

Though still in beta, the initial release of Safari 3.0 had seen 8 vulnerabilities discovered within 24 hours of its release, some of which were cross-platform. Apple quickly released Safari 3.0.1 for Windows which addressed some of the Windows-specific vulnerabilities discovered.
 

Peace

Cancelled
Apr 1, 2005
19,546
4,555
Space The Only Frontier
I think people with 10.4.10 don't need the security update.I tried to install it and it wouldn't let me.
 

Attachments

  • securityupdatenogo.jpg
    securityupdatenogo.jpg
    63.4 KB · Views: 103
Comment

NewSc2

macrumors 65816
Jun 4, 2005
1,044
2
New York, NY
Comment

TheAnswer

macrumors 68030
Jan 25, 2002
2,519
1
Orange County, CA
I actually think that you won't get both updates if you are running the beta...since the security update patches WebKit, maybe it's part of the Safari beta update? And those not running the beta will get the security update?
 
Comment

roland.g

macrumors 604
Apr 11, 2005
6,921
2,300
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.
 
Comment

Doctor Q

Administrator
Staff member
Security Update 2007-006 details

WebCore

Visiting a malicious website may allow cross-site requests
An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could conduct cross-site scripting attacks. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.​

WebKit

Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.​
 
Comment

longofest

Editor emeritus
Jul 10, 2003
2,875
1,532
Falls Church, VA
So some of the Apple vulnerabilities haven't been fixed yet? I haven't downloaded Safari 3 myself (quite fond of Firefox) but I thought I'd check it out.

yeah... 3.0.1 only addressed the Windows-specific vulnerabilities. Some folks took that to mean that the vulnerabilities that were found WERE only windows-specific, but that's not the case. Apple just took a little while to fix the rest of them. Even now, I'm not sure whether all of them have been patched, as a few more have been trickling out, although they haven't been as severe, hence why we haven't been covering them.
 
Comment

Eraserhead

macrumors G4
Nov 3, 2005
10,433
12,251
UK
I think people with 10.4.10 don't need the security update.I tried to install it and it wouldn't let me.

I suspect they are only for Safari 2.0.x users, as some vulnerabilities affected that version too, which is why they aren't in software update.
 
Comment

Snowy_River

macrumors 68030
Jul 17, 2002
2,519
0
Corvallis, OR
Still hasn't fixed the proxy issue on my work machine. :(
Running it on my PB, but can't run it on my WinXP work machine because of proxy issues.
 
Comment

MacTheSpoon

macrumors 6502a
Jun 19, 2006
514
0
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.

Crap, that's too bad... hope they fix that in the next update...
 
Comment

Cameront9

macrumors 6502a
Aug 6, 2006
827
182
Installed with no issues on my Windows machine at work. I'm not trying the beta on my Mac, though...

Can I just say that Safari on windows seems Snappier after the update? :D
 
Comment

Nermal

Moderator
Staff member
Dec 7, 2002
19,175
1,664
New Zealand
Still hasn't fixed the proxy issue on my work machine. :(
Running it on my PB, but can't run it on my WinXP work machine because of proxy issues.

Ugh, I was hoping to try it at work on Monday but it sounds like it's still not going to work :(
 
Comment

Cameront9

macrumors 6502a
Aug 6, 2006
827
182
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.

Not having that issue here on my Windows machine. Have you tried turning the font rending to light under the preferences? I'm finding it looks EXACTLY like Safari for OS X and that the reason you think it looks blurry is psychological, since it looks so different from Windows font smoothing.
 
Comment

MacSA

macrumors 68000
Jun 4, 2003
1,803
5
UK
Safari for Windows: Is the 3.0.2 update only available through software update? Or does the link to the Apple website download 3.0.2 as a complete package? I still haven't been able to get it to work on XP SP2 so i'm not sure if this latest download/update is worth bothering with.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.