http://www.betanews.com/article/Day_...are/1181661606
It took security engineers perhaps less than two hours yesterday to introduce Apple's surprise entry in the field of Windows browsers to the big, cruel world of exploits and vulnerabilities, following its introduction yesterday morning at WWDC. As a result, much of the clout Safari had received as the secure browsing alternative to Internet Explorer and Firefox -- as long as it was on a Macintosh -- was burned off like fire to a flash fuse.
Errata Security engineer David Maynor had a report posted on the first vulnerability he found by 1:48 pm, complete with screenshots of the pre-crash letdown dialog produced by his fuzzing tool. As he admitted, it wasn't a difficult crash to find. He posted a screenshot of the memory dump revealing both a stack corruption and an access violation, and then gave credit to Thor Larholm for posting a complete report on the calamity not an hour later.
"I downloaded and installed Safari for Windows 2 hours ago, when I started writing this," Larholm wrote, "and I now have a fully functional command execution vulnerability, triggered without user interaction simply by visiting a web site."
Both Larholm and Maynor have made it clear their intentions are simply to discover vulnerabilities and warn the vendor and the public as to their implications, not to profit from their exploitation... because, quite frankly, the exploits don't appear to be that difficult.