Proof-of-concept revealed for Safari for Windows bug

By

A security researcher has published proof-of-concept code for the blended Internet Explorer-Safari for Windows threat.

Proof-of-concept revealed for Safari for Windows bug
Researcher Liu Die Yu, who has in the past discovered a number of IE bugs, published the code Sunday on his blog.

He wrote that the threat -- described as a "carpet bomb" by researcher Nitesh Dhanjani, who first discovered the issue -- is caused by a design flaw in IE, which could permit automatic remote code execution when a user downloads a file on Safari for Windows.

Microsoft issued an advisory May 30, warning that Windows XP and Vista customers who have installed Safari on their machines should consider not using the browser until a patch is delivered.

"A design flaw in Windows Internet Explorer, version 8 beta 7, and probably others, breaks the security of Safari for Windows shipped by Apple," Liu Die Yu said.

"Apple's Safari for Windows downloads and saves requested file[s] to user's desktop by default -- this default behavior does not constitute a mistake."

Meanwhile, Microsoft late Friday revised its security advisory to update its suggested workaround for the threat.

Researcher Aviv Raff had advised Microsoft that its initial workaround was not enough because the Safari hole could be used in combination with other product vulnerabilities, even if Microsoft fixed its flaw.

Microsoft agreed and revised the workaround. It now suggests users "change the download location of content in Safari to a newly created directory" -- for instance, c:\SafariDownload.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?