MA-230.052010: MyCERT Alert - Critical Vulnerability in Safari Web Browser

Date of publication: 2010-05-08

1.0 Introduction

A critical vulnerability has been identified in the Safari web browser. If successfully exploited, the vulnerability will cause the application to crash and could potentially allow an attacker to take control of the affected system. Note that successful exploitation of this issue requires the pop-up blocker in the browser to be disabled; the pop-up blocker in Safari is enabled by default. Essentially, an attacker can trick users into clicking on a URL sent via e-mail, which directs them to a specially crafted web page containing the exploit. MyCERT is aware that a '0-day' exploit is available on the Internet at the time of publication of this advisory.

2.0 Impact

An attacker who successfully exploits this vulnerability will be able to execute code remotely and gain the same privileges as the user. Unsuccessful attacks may cause denial-of-service (DoS) outcomes.

3.0 Affected Products

- Apple Safari 4.0.5 and earlier
4.0 Recommendations

As of the writing of this advisory, Apple has not released any security patches for this vulnerability. However, users can use the following steps as a temporary workaround if they need to use the Safari web browser:

4.1 Make sure the pop-up blocker is enabled in the browser. The pop-up blocker can be enabled with the following steps:

- Click on Safari and choose Preferences, or click on the display menu and settings (on the top right side) and choose Preferences
- Click on the Security tab and tick Block pop-up windows
4.2 Do not allow pop-ups from untrusted websites.

4.3 Do not browse to untrusted websites or click on untrusted links, especially URLs enclosed in e-mails from an unknown sender.

4.4 Browse the Internet as a lower-privileged user to minimise the impact of any malicious file.

4.5 Consider using alternative web browsers to browse the Internet. Please make sure you use the latest version and stay up to date as well.
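Added example, not part of the MyCERT advisory: a small POSIX shell audit for sections 3.0 and 4.1 that checks whether an installed Safari version falls in the affected range (4.0.5 and earlier) and whether the stored pop-up blocker preference means pop-ups are blocked. It assumes (both assumptions, not stated in the advisory) that Safari keeps the Block pop-up windows setting in the com.apple.Safari defaults domain under the key WebKitJavaScriptCanOpenWindowsAutomatically (0/false = blocked) and its version in Safari.app's Info.plist CFBundleShortVersionString.

```sh
#!/bin/sh
# Audit helpers for the advisory's workaround (added example, not MyCERT code).
# ASSUMPTION: com.apple.Safari WebKitJavaScriptCanOpenWindowsAutomatically holds
# the "Block pop-up windows" state (0/false = pop-ups blocked, 1/true = allowed).

# version_le A B: exit 0 if dotted version A <= B, comparing numerically per
# component; missing components count as 0 (so "4" == "4.0.0").
version_le() {
    a="$1."; b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; a=${a#*.}
        y=${b%%.*}; b=${b#*.}
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 0
}

# is_affected VERSION: exit 0 if VERSION is in the advisory's affected range
# (section 3.0: Safari 4.0.5 and earlier).
is_affected() { version_le "$1" "4.0.5"; }

# popup_blocker_enabled VALUE: exit 0 when the preference value, in any form
# `defaults read` prints (0/1, true/false), means pop-ups are blocked.
popup_blocker_enabled() {
    case "$1" in
        0|false|FALSE|no|NO) return 0 ;;
        *) return 1 ;;
    esac
}

# Live audit on a Mac; skipped where the macOS `defaults` tool is absent.
audit_safari() {
    command -v defaults >/dev/null 2>&1 || { echo "not macOS: skipping live audit"; return 2; }
    ver=$(defaults read /Applications/Safari.app/Contents/Info.plist CFBundleShortVersionString 2>/dev/null)
    # ASSUMPTION: an absent key means the default (pop-ups blocked), hence "0".
    pref=$(defaults read com.apple.Safari WebKitJavaScriptCanOpenWindowsAutomatically 2>/dev/null || echo 0)
    if is_affected "$ver"; then echo "Safari $ver: affected (4.0.5 or earlier)"
    else echo "Safari $ver: not in the advisory's affected range"; fi
    if popup_blocker_enabled "$pref"; then echo "pop-up blocker: enabled"
    else echo "pop-up blocker: DISABLED - enable it as in section 4.1"; fi
}

# Run the live audit only when invoked as: sh audit.sh --audit
if [ "${1:-}" = "--audit" ]; then audit_safari; fi
```

The pure functions can be exercised on any system; only `audit_safari` needs macOS.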
MyCERT would like to advise users of Safari to be vigilant of the latest security announcements by Apple. MyCERT can be reached through the following channels for further assistance:

E-mail : mycert@mycert.org.my
Phone : +603 89926969 or 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT <EMAIL> <COMPLAINT> to 15888
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web: http://www.mycert.org.my