Another flaw within Safari 3.0 for Windows beta

Researcher finds a basic cookie-handling error that could compromise Windows PCs.

Security researcher Robert Swiecki disclosed yesterday another vulnerability within the new Safari 3.0 for Windows beta, bringing the total of public vulnerabilities to nine. The latest flaw allows an attacker to steal a cookie. The flaw exists in the Javascript's window.setTimeout()implementation where the content timer-triggered function is processed after window.location property is changed.

In response to other Safari 3.0 vulnerabilities, Apple today released an updated version that addresses three of the nine public vulnerabilities.

Featured Video

Tim Cook's blurry iPhone picture takes world by storm

What is the iPhone 6's "Error 53"? The new Apple tvOS brings new features and Tim Cook takes bad pictures.

by Brian Tong