« Later? NO . . . NOW! | Main | Java Trojan RedBrowser-A Targets Cell Phones »
Tuesday, February 21, 2006
Mac Safari Browser Vulnerabilty
Secunia is reporting on a vulnerability in the Safari browser caused by an error in the processing of file association meta data (found in the "__MACOSX" folder) in .ZIP archives. This could cause users to execute a malicious shell script that has been renamed to a safe file extension stored in a .ZIP archive.Worse, it can also be exploited automatically when Safari visits an evil web site.
Secunia has a test available to confirm if your system is vulnerable: http://secunia.com/mac_os_x_command_execution_vulnerability_test/
The vulnerability can be lessened by disabling the "Open safe files after Downloading" option in Safari.
Posted by Matthew Carrick at 7:42.10 PM EST | Permanent Link
| Categories: All Things Mac, Mac Safari Browser, Privacy Issues, Security Alerts, Virus-Trojan-Worm Alerts
| Categories: All Things Mac, Mac Safari Browser, Privacy Issues, Security Alerts, Virus-Trojan-Worm Alerts