RSS feed handler vulnerability discovered in Safari on Windows and Mac OS X 10.5 Leopard

Apple's Safari browser is vulnerable to an attack on Windows and tMac OS X 10.5 Leopard, that allows a malicious web site to read files on a user's hard drive without user intervention. The vulnerability has been acknowledged by Apple, reports Mastenbrook.  Fix for Mac OS X 10.5: Download and install the RCDefaultApp preference pane, following the […]

Apple's Safari browser is vulnerable to an attack on Windows and tMac OS X 10.5 Leopard, that allows a malicious web site to read files on a user's hard drive without user intervention. The vulnerability has been acknowledged by Apple, reports Mastenbrook

Fix for Mac OS X 10.5:

  1. Download and install the RCDefaultApp preference pane, following the included instructions.
  2. Open System Preferences and choose the Default Applications option.
  3. Select the "URLs" tab in the window that appears.
  4. Choose the "feed" URL type from the column on the left, and choose a different application or the "<disabled>" option.
  5. Repeat the previous step for the "feeds" and "feedsearch" URL types.

The workaround for Safari on Windows is to use a different web browser.