After more than two years, Apple's Safari browser for Macs remains vulnerable
to attacks that allow websites to litter a user's hard drive with thousands of
malicious files.

The "carpet bomb" vulnerability was publicly disclosed in May 2008 after
members of Apple's security team said they didn't consider the quirk a security
issue. After Microsoft took the unusual step of advising its customers to stop
using Safari, Apple issued a patch Windows versions but not for OS X.

"This means that if you use the Safari browser on OSX, a malicious entity can
drop any amount of binaries or data files into your ~/Downloads/ folder," Nitesh
Dhanjani, the researcher who credited with discovering the vulnerability, wrote
over the weekend.

  • Подпишись на наc в Telegram!

    Только важные новости и лучшие статьи


  • Подписаться
    Уведомить о
    0 комментариев
    Межтекстовые Отзывы
    Посмотреть все комментарии