Safari RSS vulnerability affects Mac, Windows users
updated 10:10 am EST, Tue January 13, 2009
Safari RSS vulnerability
A vulnerability in both the Mac and Windows versions of Safari may present serious privacy concerns, says coder Brian Mastenbrook. The problem, said to have been confirmed by Apple, is specifically related to the application's built-in RSS reader, which may be exploitable to read the contents of a person's hard drive. The exploit is triggerable by visiting a malicious website, and could in theory allow access to items like e-mail and passwords.
The only Macs vulnerable are said to be those using Mac OS X Leopard, but the threat must then be averted by picking a new RSS reader from Safari's Preferences menu; simply avoiding Safari or even RSS feeds may not provide security. Windows users can simply turn to an alternate browser, such as Opera or Firefox.
Apple is said to have provided no information so far on when patches for the problem might be released.
Omniweb?
01/13, 10:56am reply
Would Omniweb be immune or is it also effected? The site doesn't say.
dru
Senior User
Joined: Apr 2002
RSS screensavers?Omniweb?
01/13, 10:59am reply
Would Omniweb be immune or is it also effected? The site doesn't say. It doesn't mention the RSS screen savers either.
dru
Senior User
Joined: Apr 2002
omniweb
01/13, 02:24pm reply
I would think it would be affected, because the way it is implied in the article, it somehow magically can still cause problems even if you don't use Safari (how in the h*** that is brings up more questions).
testudo
Fresh-Faced Recruit
Joined: Aug 2001