Advertisement

Windows Safari bugs and exploits "popping up like hotcakes"



Safari has been available on Windows for less than 24 hours, and already the hacker community is apparently tearing it to shreds. The Errata Security blog has been keeping track of a few announcements across the web, including a fully disclosed 0-day exploit that Thor Larholm apparently found yesterday within two hours of the software's release (and says more are "popping up like hotcakes"). And just to be clear on the use of 0-day exploit: it means Larholm found a way to execute any piece of code on a Windows box when Safari visits a properly crafted site to successfully exploit a vulnerability on the day the vulnerability was found.

What will this mean for Safari's reputation and traction in the Windows market? I'm not really sure yet. There are any number of reasons behind Apple's decision to develop Safari for Windows, and even though a healthy pool of tech-savvy users are already tinkering with it (for better and for worse), the real results will be seen once it reaches much more of the mainstream market. One of the primary reasons (besides making it easy for Windows-based web developers to write web apps for the iPhone, of course) for SafariWin, as some are calling it, is because that tiny little search box in the upper right of a browser has become quite a revenue generator if the browser does decently in the market. When users search through that box, the browser manufacturer makes some money off the resulting ads that are displayed along with that search. Firefox reportedly made around $50-75 million last year for Mozilla because of that little search box (not bad for an open source product, eh?). You don't have to be Internet Explorer to bring home at least some bacon for your company; heck, I would bet that Opera is still in business largely due to their search box as well.

But none of these reasons will mean anything, and Safari won't generate nearly as much revenue for Apple, if it doesn't gain at least a respectable share of Windows users who are actually firing up Safari to search, browse the web, view and click on ads. But If Safari keeps getting torn apart like this within 24 hours of a release, it could gain a terrible reputation before it ever hits the radar of a crucial portion of the general public. In this new web browsing and computing world where security is everything when you talk about a browser, Safari needs to plug these exploit holes ASAP if it plans to get any farther than the fleeting front page of digg.