OmniWeb Updated to 5.5.2

Mac OmniWeb

The Omni Group has updated its web browser to 5.5.2. Earlier, MOAB, a group of security experts who have chosen January 2007 as the security month for Apple’s OS and Mac applications, issued a security alert on its web site. The Omni Group has responded quickly, and the Java script vulnerability problem that MOAB has pointed out has been fixed, according to the Omni Group.

MOAB: OmniWeb Has a Vulnerability Issue

Mac OmniWeb

The Month of Apple Bugs (MOAB) is a group of security experts who have chosen January 2007 as the security month for Mac OS X applications. MOAB says that The Omni Group’s web browser, OmniWeb, has a security risk.

As of January 7, 2006, the latest version of OmniWeb is 5.5.1. OmniWeb has a few unique functions that other web browsers don’t have. Especially, its ‘Page Info’ is exceptional in that it allows the user to access and download files that other web browsers may not be able to reach.

MOAB, as tested on version 5.5.1, says that OmniWeb has “a format string vulnerability in the handling of Javascript alert() function.” This vulnerability could allow an exploiter to execute a malicious attack remotely.

Click on the button to read MOAB’s report. VTC

Security Alert: DiskManagement Vulnerability

Mac DiskUtility

The Month of Apple Bugs (MOAB) is a group of security experts who have chosen January 2007 as the security month for Mac OS X applications. And MOAB has issued a new vulnerability report concerning DiskManagement. According to MOAB, an exploiter may be able to take advantage of a “vulnerability in the handling of BOM files,” which will enable him/her to “set rogue permissions on the filesystem” through Apple’s DiskUtility.

Click on the button to read MOAB’s report. VTC