anti microsoft or anti apple.. just goes to show that when you have millions of lines of code and questionable and somewhat sloppy programming (programs) you will get exploits!

I wouldn't necessarily call this 'sloppy programming', per se. (Although hard to tell one way or the other without seeing the code). Buffer overruns are a huge example of sloppy (and lazy) programming. This is more of an example of the problem using 'shared' code. When you start out with software meant for 'a' task, then use/update it to work with more and more software, you end up with these types of unforseen problems (oh, and if they were foreseen, how come no one saw it before February). This is the same reason Windows has so much problems. They took OLE, changed the name to ActiveX, then said, "hey, this is great stuff, let's use if for browsing as well!", which worked fine but no one took into account how what it could do would cause problems where they were using it.

I have "Automatically open downloaded files" unchecked in a Camino 0.8 nightly but it still open the dmg file.
Safari isn't the only one with issues.

...because I downloaded their proof of concept and although it mounted the DMG, when the thing tried to run I got an error message that said it couldn't because it had been disabled or was not installed.

testudo wrote: " This is more of an example of the problem using 'shared' code."

Unless you have more information than anyone of us do, I do not see how you can conclude this is due to shared code instead of Apple's sloppy programming?

Unless you have more information than anyone of us do, I do not see how you can conclude this is due to shared code instead of Apple's sloppy programming?

Easy. Because the problem lies in the shared usage of the WebCore, which controls both Safari's and the Help Viewer's HTML display and usage. As such, changes to the core for one use adversely affects the other in an unexpected way.

Oh, and this article is titled "New Safari exploit allows remote code execution". Can it be called remote code when it first is downloaded to your computer and run from there? I thought 'remote' vulnerabilities were those where the code actually was run or executed from a remote location.

Just being my own nit-picky self.

And someone has mentioned its also a problem in Camino, so its not specific to Safari here. If anything, it might be more of a system/internet config/helper app type issue.

It is a bug in Help Viewer and Help Viewer only. It will happen to all browsers. The fix is for Help Viewer to ask the user to launch the script if it is not the Application that originated the AppleEvent.

On a scale of 1-10, this vulnerability is a 0.01 compared to the '10'
of the various Windows worms. This is just a case of 'don't download installers or .exe's from unknown sources' which was the issue everyone confronted a couple of years ago.

Ask any sysadmin - I have had a complete LAN of Windows machines infected 'instantly' by an outside user connecting an unauthorized laptop to the network. It is a continual and ongoing nightmare to keep a Windows network secure.

Loopless, since you are at it, why don't you make Apple's vulnerabiity 0.0001 and Windows 1000000 since you seemed to like hyperbole?

And why is an outside user connecting unauthorized laptop to the network?

And why is an outside user connecting unauthorized laptop to the network?

Easy, because portable users are an annoying bunch of users who just think "Hey, here's a network cable, let me plug my laptop in" even without asking to make sure its OK. The only way to prevent this is to glue network cables into their sockets and not o leave any open wall socket or unused cable so users don't start swapping them out.

Any discussion about Apple vs. MS is completely ridiculous in this context. Who the h*** cares what each companies track record is when it comes to this exploit. MS didn't exactly cause this to happen to our computers. The simple fact is that Apple screwed up BIG TIME and they need to get off their asses and fix this ASAP.

of who the h*** did what, tell the person whos home folder just got wiped clean that "well microsoft has bigger problems." quit being a damn zealot and face the reality that some features do turn out to be buggy.justifying or making up for a problem doesnt make it go away. MS might have bigger problems, but it doesnt make your problems any less dangerous. imagine if that script contained 'echo 'YOUR FUCKED
rm ~/*'' then you wouldnt be here typing now would you

-macjedi-

"Easy, because portable users are an annoying bunch of users who just think "Hey, here's a network cable, let me plug my laptop in" even without asking to make sure its OK. The only way to prevent this is to glue network cables into their sockets and not o leave any open wall socket or unused cable so users don't start swapping them out."

No, you idiot. The portable users should go wherever they want to and plug in wherever they want to and expect to work. YOUR job is to prevent unauthorized computer on part of the network. Get it straight - this is not an users' problems but the admins problem.

but that attitude is the same one that gets worms into corporate networks cos some idiot thinks it's the admin's problem to stop them from opening unknown attachments, in spite of those same admin guys sending e-mails to everyone telling them not to. No, if the company policy is 'don't plug in your own laptop' and some idiot does it all the same, it's a user problem. I would have thought that you working for a multi million dollar company and all, you'd be sensitive to these issues. As a system admin, I really wouldn't want anybody plugging anything in that hasn't got a minimum of security features installed, and unfortunately that's the case for a lot of laptop users.