Results 1 to 6 of 6

Thread: Microsoft urges users to stop using Safari

  1. #1
    Ohh Hell yeah.. Sava700's Avatar
    Join Date
    Feb 2002
    Location
    Somewhere
    Posts
    24,052

    Microsoft urges users to stop using Safari

    Hmm...this looks like issues for those running Safari.. I never cared for it anyway..worthless browser IMO.


    Microsoft's security team is advising users to stop using Apple's Safari browser pending investigation into a quirk that allows miscreants to litter their desktop with hundreds of executable files.

    Windows users who visit a booby-trapped site with Safari could be forced to download and execute malicious files with no prompting, Microsoft says. The "blended threat" is a result of the default download location in Safari and the way the Windows desktop handles executable files.

    The Microsoft advisory suggests users "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple."

    The recommendation comes a week after researcher Nitesh Dhanjani reported that Apple's browser doesn't seek user permission before downloading certain types of files. Even when encountering malicious iframes - a common occurrence these days even on the most trustworthy of sites - Safari obediently does what it's told to do, including downloading a file hundreds of times.

    Apple's security pros, upon learning of the so-called carpet bombing vulnerability, said they didn't see it as a significant threat. A researcher in Cupertino wrote to Dhanjani that it may get fixed at some point down the road as "a further measure to raise the bar against unwanted downloads," but said it could take a quite a while, if ever, for that to happen.

    Apple's unfortunate refusal probably explains why Microsoft's security arm has resorted to the unusual recommendation. We can't remember the last time Redmond counseled users to avoid installing a mainstream product for security reasons. Apple representatives didn't respond to a request to comment for this story.

    And before any Mac users decide this is an issue they can safely ignore, remember this: While Microsoft's recommendation obviously is limited to Windows users, Dhanjani says the carpet bombing scenario can play out on OS X, too.
    source

  2. #2
    Forum Techie A_old's Avatar
    Join Date
    Jan 2000
    Location
    Atlanta
    Posts
    10,663
    Yup, because you're a technical genius and your opinion counts, really. Also, the opinion of some fools who are at least an order of magnitude behind the next slowest browser on the market in terms of Javascript performance and have more bugs in their software than an entomology museum. Safari actually renders pages, supports styles, runs javascript, and fixes dumb coding mistakes better than any other browser on the market. The only unfortunate thing about it is the lack of development tools like firebug, but it does have inspection and a javascript console, which is more than IE can say it has out of the box. Yea, I know IE7's not totally crappy and IE8 will be better but when IE8 will only have the JS performance of FF2, there's an issue. MS needs to either get their act together or just drop IE all together -- it's a pos. Safari, at its worst is much better than IE.

  3. #3
    Resident Rodent Randy's Avatar
    Join Date
    Jan 2000
    Location
    British Columbia Canada
    Posts
    12,007
    hmmmm microsoft warning not to use apple products .. yeah ok then

    I was going to post a link to that thread, but the SG search results for "bullsh|t" were too numerous

    sometimes you have to think outside the box to get inside the box .

  4. #4
    Ohh Hell yeah.. Sava700's Avatar
    Join Date
    Feb 2002
    Location
    Somewhere
    Posts
    24,052
    Quote Originally Posted by Amro View Post
    Yup, because you're a technical genius and your opinion counts, really.
    hey now.. easy tiger.. yeah my opinion counts but this is from using all 3 different browsers..I just seem to prefer FF to all 3 of them but to me Safari is worthless or at the bottom of the scale.

  5. #5
    Ohh Hell yeah.. Sava700's Avatar
    Join Date
    Feb 2002
    Location
    Somewhere
    Posts
    24,052
    Another article on this.. kinda the same info.

    Microsoft warned on Friday that Apple's Safari Web browser for Windows exposes PCs to a security hole that permits potentially malicious files to be downloaded to a user's machine and run without prompting the user.

    Microsoft's advisory comes two weeks after security researcher Nitesh Dhanjani warned both Redmond and Cupertino that Safari introduces a vulnerability in Windows and OS X machines, which allows any rogue Web site to "carpet bomb" the user's Desktop (Windows), or Downloads directory (Apple), with unwanted files (Safari is not installed by default on Windows machines).

    Dhanjani said Apple indicated it wasn't in a hurry to fix the Windows vulnerability, if it ever got around to it. "Apple does not feel this is a issue they want to tackle at this time," Dhanjani wrote on his blog. "In my most recent email to Apple, I suggested that they incorporate an option in Safari so the browser can be configured to ask the user before anything is downloaded to the local file system.
    http://blog.washingtonpost.com/secur...l?nav=rss_blog

  6. #6
    Certified SG Addict CableDude's Avatar
    Join Date
    Jun 2001
    Posts
    26,786
    Does not work on 2000, so I am SOL.

Similar Threads

  1. Norm -is this true? Wow, talk about big brother.
    By blacklab in forum General Discussion Board
    Replies: 7
    Last Post: 10-24-07, 09:36 AM
  2. Microsoft extends XP shelf life
    By Sava700 in forum General Discussion Board
    Replies: 33
    Last Post: 09-29-07, 09:19 AM
  3. Replies: 2
    Last Post: 06-01-07, 06:57 PM
  4. winantivirus again
    By robertdempster in forum Software Forum
    Replies: 12
    Last Post: 02-20-07, 08:57 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •