Microsoft security warns of Safari Carpet Bombing

Microsoft has released a security advisory warning of the effect we have previously reported as “Safari Carpet Bombing.” This is what most people would call a vulnerability in Safari on both Windows and OS X in that Safari does not warn users before downloading files. The default download location on Windows for Safari is the […]

Microsoft has released a security advisory warning of the effect we have previously reported as “Safari Carpet Bombing.” This is what most people would call a vulnerability in Safari on both Windows and OS X in that Safari does not warn users before downloading files. The default download location on Windows for Safari is the Desktop, so a malicious page could fill the desktop with files, potentially malicious files, and in scenarios which could use social engineering to trick the user into opening at least one of them.

No program is perfect, but Apple's response to the vulnerability was disturbing. They don't consider it a security vulnerability, and are treating user confirmation as just another feature request. Apple has taken a lot of heat over this, including from StopBadWare.org.

Full Article

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.