News

[Internet]

Monday 2nd June 2008

Microsoft urges Safari caution 10:48AM, Monday 2nd June 2008

Microsoft is advising users to restrict their use of Apple's Safari browser, until a patch becomes available to plug a potential vulnerability.

Read about Microsoft's latest security slip up on the PC Pro blog here

Safari doesn't require a user to give permission to download certain files, a fact which independent security researcher Nitesh Dhanjani predicted could lead to a "carpet-bombing" attack whereby attackers populate websites with malicious code Safari would automatically download to the desktop.

In a security advisory Microsoft says the flaw is also dependent on a vulnerability in how XP and Vista handle executable files on the desktop.

ADVERTISEMENT

Microsoft says it's not aware of any example of the flaw being exploited, but is working on the issue.

The advisory goes on to suggest, that people "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."

Apple has not responded to our request for comment.

Read the advisory here

PC Pro's Five Biggest Stories

1. Nvidia launches rival to Intel Atom

2. Adobe does a Google Docs with new online suite

3. Microsoft cuddles up to Facebook once more

4. Go back to your websites and prepare for IE8

5. Low-cost laptops set to dominate Computex

Stuart Turton

Submit to: Digg | Slashdot | Del.icio.us | Technorati