Microsoft warned on Friday that Apple’s Safari Web browser for Windows exposes PCs to a security hole that permits potentially malicious files to be downloaded to a user’s machine and run without prompting the user.
“Apple does not feel this is a issue they want to tackle at this time,” Security Researcher Dhanjani wrote on his blog. “In my most recent email to Apple, I suggested that they incorporate an option in Safari so the browser can be configured to ask the user before anything is downloaded to the local file system. Apple agreed it was a good suggestion:
Dhanjani further said that he has brought three security vulnerabilities to Apple’s attention and that Apple said it plans to fix one of the issues reported, an undisclosed Safari vulnerability that could allow a remote attacker to steal files from the user’s system.
Apple received considerable criticism in March when it opted to make its Safari Web browser available to Windows users by default, as part of an iTunes update. Mozilla CEO John Lilly said Apple’s decision to do so “borders on malware distribution practices.”
Source: Washington Post
Filed under
Enterprise Software,
Security | Tags:
Apple,
Microsoft,
MS Windows,
safari,
Security Flaw,
Washington post | Comment Below
Related?
Would the new Microsoft Security Essential be Able to Dispel your Security Concern?June 29th, 2009 Microsoft released the new Beta version of their free security antivirus which is available in a few countries for download including USA and China. The final product will be available before the end of 2009. Microsoft has promised to release a lightweight security tool that will take care of Viruses, spyware, rootkits and Trojans without compromising the speed of your system.You can download the software as follows:
32-bit (x86) Windows Vista and Windows 7: mssefullinstall-x86fre-en-us-vista.exe
64-bit (x64) Windows Vista and Windows 7: mssefullinstall-amd64fre-en-us-vista.exe
Windows XP: mssefullinstall-x86fre-en-us-xp.exe
The essential features of the software are:
This is free and easy to use.
Me.com Email Address is Available NowJune 29th, 2008 If you are a .Mac subscriber, Apple appears to have activated the corresponding @me.com email addresses. If your email address was username@mac.com previously, you can now use username@me.com and emails should arrive in your .Mac mailbox.
Study Says Firefox is the Most Secure BrowserJuly 2nd, 2008 Over 600 million users are surfing the Web with a potentially unsafe browser, according to a Swiss study released this week. Among the least compliant were users of Internet Explorer, which currently dominates the Internet browser market.
Microsoft Live Mesh is Available to More Users in USJuly 16th, 2008 Microsoft early Wednesday announced the public availability of a preview version of its Live Mesh offering, but then backtracked and said it's only doubling the number of testers. Unveiled at web 2.0 conference in April, Live Mesh is Microsoft's biggest bet yet on a strategy known as "software plus services." A combination of client software, services, and developer tools, Live Mesh will let users and developers automatically or manually synchronize data among devices and to the Web, share content, remotely access Internet-connected devices, create Web apps that are accessible offline, and client apps that connect to Web services.
Mozilla Firefox 3 Release Candidate is OutMay 19th, 2008 In Firefox 3 Release Candidate 1, Mozilla hasn't changed much about the browser's basic look, but many usability are changed. The Release Candidate means the intermediate step between the Beta and final version.
Microsoft's Mojave ExperimentJuly 29th, 2008 Microsoft made an experiment in order to find out the opinion of the users about Windows Vista and the result is very promising. Mojave was actually Windows Vista.
Microsoft Sent Patches for Windows, Word FlawsMay 14th, 2008 Microsoft fixed six vulnerabilities which are critical for Windows, Word, Publishers and Anti-Virus software. First up on the critical list is a Microsoft Word patch, an update resolving what the software giant said were "two newly discovered and privately reported vulnerabilities" in the popular application that could allow hackers to deploy remote code execution (RCE) exploits through a maliciously crafted Word file.
Azure, Microsoft Windows Version to Offer Cloud Computing for DevelopersOctober 31st, 2008 Microsoft recently announced the availability of new OS platform Windows Azure at the start of Microsoft's Professional Developer Conference. Windows Azure will to provide service hosting and management, low-level scalable storage, computation and networking.
