Apple's reputation for security continues to take hits as hacker group Goatse Security this week accused the company of failing to patch a flaw in Safari -- known since March -- and rendering iPads susceptible to active exploits in the hundreds, if not thousands.
The disclosure appeared in a blog post by Goatse Security group member Escher Auernheimer; he further lashed back at AT&T in its criticism of Goatse's decision to publicize the vulnerability that exposed iPad users' email addresses .

According to Auernheimer, Goatse Security released an overflow exploit for Safari back in March . Apple patched the vulnerability for the desktop, but not for the iPad: "This bug we crafted allows the viewer of a Web page to become a proxy (behind corporate and government firewalls!) for spamming, exploit payloads, password bruteforce attacks, and other undesirables. The kicker is that this attack cannot be detected by any current IDS/IPS system. We released this in March, mind you, and Apple still hasn't got around to patching this on the iPad!" Auernheimer wrote.

The link for this article located at PC World is no longer available.