homepage Welcome to WebmasterWorld Guest from 54.205.254.108
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

    
Mac OS X flaw affects Safari surfers
"open safe" isn't
phranque




msg:3269569
 12:04 am on Mar 3, 2007 (gmt 0)

reposted here due to broken link.

details in CNET News.com [news.com.com].

 

tedster




msg:3269661
 2:36 am on Mar 3, 2007 (gmt 0)

This seems to be key:

It affects Mac OS X 10.4.8, the most recent version of Apple's operating system and, possibly, previous versions...

The flaw can be exploited if the Mac user has enabled an option in Safari to "open safe files after downloading," Secunia said in an advisory Thursday. The security company has rated the problem "highly critical."

"It is never good to have something open automatically when you download it, so users should disable this automatic feature in Safari," said Thomas Kristensen, Secunia's chief technology officer.


bouncybunny




msg:3269667
 2:43 am on Mar 3, 2007 (gmt 0)

This has happened before and been patched. Time for a new patch methinks.

EliteWeb




msg:3269824
 9:03 am on Mar 3, 2007 (gmt 0)

These type of issues open up for fun scripts to be exploited while executing the vulnerability as well as spyware and root access type threats. make sure to follow the apple updates.

Robin_reala




msg:3269889
 11:13 am on Mar 3, 2007 (gmt 0)

The original story is from the middle of January. Weren’t fixes for these included in Apple’s 2007-02 security update?

Regardless, anyone using Safari should turn off the ‘open safe’ feature. It’s just waiting for more attacks.

phranque




msg:3269894
 11:23 am on Mar 3, 2007 (gmt 0)

this wasn't intended to be new news.
this was originally posted in january.
the link to the nytimes "reprint" article became nonfunctional so it was reposted with the link to the originial cnet news article for historical/archive purposes.

solly




msg:3270096
 4:54 pm on Mar 3, 2007 (gmt 0)

this wasn't intended to be new news

Yeah, I was surprised to see it on the home page of Webmasterworld.com. I guess it is good, though, that someone thinks that a security hole in Safari/OS X is front-page news-worthy. I don't think this hole was ever exploited...at least not on a major scale. In addition, it is good that a patch was released a few months ago...

BillyS




msg:3270379
 1:40 am on Mar 4, 2007 (gmt 0)

Oh my, something wrong with Mac. Guess I might as well stick with Windows.

phranque




msg:3270440
 4:44 am on Mar 4, 2007 (gmt 0)

Oh my, something wrong with Mac.

and it makes front page news when it happens.
this is so hohum for ms users...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved