diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

May312008

Microsoft security warns of Safari Carpet Bombing

Microsoft has released a security advisory warning of the effect we have previously reported as “Safari Carpet Bombing.” This is what most people would call a vulnerability in Safari on both Windows and OS X in that Safari does not warn users before downloading files. The default download location on Windows for Safari is the Desktop, so a malicious page could fill the desktop with files, potentially malicious files, and in scenarios which could use social engineering to trick the user into opening at least one of them.

No program is perfect, but Apple’s response to the vulnerability was disturbing. They don’t consider it a security vulnerability, and are treating user confirmation as just another feature request. Apple has taken a lot of heat over this, including from StopBadWare.org.

Full Article

Share This Story, Choose Your Platform!