Usage termination recommendation to Windows Safari user, cause of vulnerability detection

Apple's web browserSafariA vulnerability was found to allow remote reading of local files. Although updating to the latest version is a measure, the Windows version is recommended to be discontinued because the latest version has not been released.

JVN # 42676559: Remote local file readability vulnerability in Safari


This vulnerability is found in Safari 6.0.1 and earlier versions. "Updating to the latest version is mentioned as a countermeasure method with the content that" Opening a specially crafted HTML document as a local file may get files that are not permitted access by other users " It is done.

According to the vulnerability analysis, the evaluation value is high in the "attack route" "authentication level" (higher the higher the risk value), "the evaluation of the user involved in establishing the attack", the evaluation value is " Is medium to high.


Originally Safari appeared as a standard Mac OS X web browser,Windows version is released in June 2007.Over 1 million downloads in public 48 hoursIt gained popularity, such as to do.

Mac OS X Mountain Lion was released in July 2012, Safari also upgraded major version, "Safari 6", but,The latest version of the Windows version is no longer available, the download button also disappears.You can download the old version (Safari 5.1.7) only from the support pageIt is in a state called.

Since the latest version is not provided, we call on "Vulnerability Countermeasure Information Portal Site JVN" Please stop "Safari users on Windows".