Microsoft urges Safari caution
By Stuart Turton
Posted on 2 Jun 2008 at 10:48
Microsoft is advising users to restrict their use of Apple's Safari browser, until a patch becomes available to plug a potential vulnerability.
Safari doesn't require a user to give permission to download certain files, a fact which independent security researcher Nitesh Dhanjani predicted could lead to a "carpet-bombing" attack whereby attackers populate websites with malicious code Safari would automatically download to the desktop.
In a security advisory Microsoft says the flaw is also dependent on a vulnerability in how XP and Vista handle executable files on the desktop. Microsoft says it's not aware of any example of the flaw being exploited, but is working on the issue.
The advisory goes on to suggest, that people "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."
Apple has not responded to our request for comment.
PC Pro's Five Biggest Stories
Is your business a social business? For helpful info and tips visit our hub.
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- Windows Easy Transfer – not so "easy" in Windows 8.1
- Formula 1: what a difference virtualisation makes
- Office of the future: comfy chairs and tablets everywhere
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy