updated 11:10 am EDT, Mon June 2, 2008
MS on Safari vulnerability
Owners of Windows XP and Vista should avoid using Apple's Safari browser for the foreseeable future, Microsoft has warned. The company notes that while there is a vulnerability in how XP and Vista handle executables on the desktop, this may not be an immediate issue except that browsers like Safari do not ask permission to download a number of files. An independent analyst, Nilesh Dhanjani, suggests that this could be used to litter websites with automatic malware downloads, effectively "carpet-bombing" PCs.
Until the issue is fixed, Microsoft is recommending that people "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple." The latter has so far declined to comment on the state of Safari.