Msg#: 3269567 posted 2:36 am on Mar 3, 2007 (gmt 0)
This seems to be key:
It affects Mac OS X 10.4.8, the most recent version of Apple's operating system and, possibly, previous versions...
The flaw can be exploited if the Mac user has enabled an option in Safari to "open safe files after downloading," Secunia said in an advisory Thursday. The security company has rated the problem "highly critical."
"It is never good to have something open automatically when you download it, so users should disable this automatic feature in Safari," said Thomas Kristensen, Secunia's chief technology officer.
Msg#: 3269567 posted 11:23 am on Mar 3, 2007 (gmt 0)
this wasn't intended to be new news. this was originally posted in january. the link to the nytimes "reprint" article became nonfunctional so it was reposted with the link to the originial cnet news article for historical/archive purposes.
Msg#: 3269567 posted 4:54 pm on Mar 3, 2007 (gmt 0)
this wasn't intended to be new news
Yeah, I was surprised to see it on the home page of Webmasterworld.com. I guess it is good, though, that someone thinks that a security hole in Safari/OS X is front-page news-worthy. I don't think this hole was ever exploited...at least not on a major scale. In addition, it is good that a patch was released a few months ago...