After more than two years, Apple’s Safari browser for Macs remains vulnerable
to attacks that allow websites to litter a user’s hard drive with thousands of
malicious files.

The "carpet bomb" vulnerability was publicly disclosed in May 2008 after
members of Apple’s security team said they didn’t consider the quirk a security
issue. After Microsoft took the unusual step of advising its customers to stop
using Safari, Apple issued a patch Windows versions but not for OS X.

"This means that if you use the Safari browser on OSX, a malicious entity can
drop any amount of binaries or data files into your ~/Downloads/ folder," Nitesh
Dhanjani, the researcher who credited with discovering the vulnerability, wrote
over the weekend.

Оставить мнение

Check Also

Хакер ищет авторов. Читатель? Хакер? Программист? Безопасник? Мы тебе рады!

Восемнадцать лет мы делаем лучшее во всем русскоязычном пространстве издание по IT и инфор…