Two years later, Apple Safari still open to 'carpet-bombing'

Status
Not open for further replies.

Osiris

Golden Master
Messages
36,817
Location
Kentucky
After more than two years, Apple's Safari browser for Macs remains vulnerable to attacks that allow websites to litter a user's hard drive with thousands of malicious files.
The "carpet bomb" vulnerability was publicly disclosed in May 2008 after members of Apple's security team said they didn't consider the quirk a security issue. After Microsoft took the unusual step of advising its customers to stop using Safari, Apple issued a patch Windows versions but not for OS X.


"This means that if you use the Safari browser on OSX, a malicious entity can drop any amount of binaries or data files into your ~/Downloads/ folder," Nitesh Dhanjani, the researcher who credited with discovering the vulnerability, wrote over the weekend.

"This issue is caused because, while most sane web browsers warn the end user and ask for explicit permission before saving a file locally, Safari goes ahead and saves the file into the default download location without asking the user - even if hundreds of files are served up by the malicious website simultaneously."
Apple's dismissal of the advisory probably has something to do with the requirement that users would have to double click on the downloaded file and enter an administrative password before their machines could be hijacked. But as Dhanjani points out, in a world in which state-sponsored attacks and corporate espionage are par for the course, it's never a good idea for outsiders to be able to control the files that are downloaded onto a user's computer.
In the two years since the flaw was disclosed, Mozilla Firefox and Google Chrome have been updated to protect its users. But so far, while Apple's security has agreed that it might be good if Safari actually checked with the user before downloading potentially unwanted files, it has said only that a fix "could take quite a while, if it ever gets incorporated."
It appears they were true to their word

Two years later, Apple Safari still open to 'carpet-bombing' ? The Register
 
This sounds like Apple to me, they know about an issue for months before they end up fixing it, unlike Microsoft who fixes things ASAP.
 
So you count patch Tuesday as ASAP? I don't call one cycle a month ASAP.
 
every day should be a patch day. if you only patch certain times hackers know this. they know that there is time for their exploits to hit and they don't have to worry about anything. it only benefits the hackers. patch every day and the hackers really gotta be on thier toes.
 
Well yea that is why we have exploit Wednesday, MS i belive used to have as a and when but then changed to a regular monthly "period" was down to IT managers asking for it for stabbillity testing and HIPPA compliance, I would rather MS made each update totally and released as and when it would avoid so much hassle for some companies I am aware off.
 
Tell me about it, I reported one vun a few months back and didnt even get a auto response, oh well another few months of no acknowledgment and it will end up getting posted some ware I know in a ethical fashion.
 
Status
Not open for further replies.
Back
Top Bottom