Updated: 2008

Safari 'carpet bombing' attack code in the wild


The Safari "carpet bombing" blended-threat vulnerability discovered in May could be more dangerous for Windows users now that exploit code is available online.

Mac users are not affected by the threat.

The exploit takes advantage of the fact that the Desktop is Safari's default download location. Pair that with a flaw in Internet Explorer that allows files of a particular name to be automatically run, and you have a situation where Safari downloads a file and IE runs it.

InfoWorld notes that the source code and demo were posted on Sunday. Apple, so far, has not commented on the InfoWorld story, and has no plans to alter Safari. Since downloading to the Desktop is Safari's only involvement in the threat, there doesn't appear to be any problem to correct.

Microsoft's problem, on the other hand, is that IE automatically runs files that just happen to be named something it cares about, an issue Microsoft has known about since 2006. Microsoft has not commented on the story either, but its suggestion is still to avoid using Safari for Windows.
