3 Comments

Summary:

If you have Safari, on either Windows or OS X, you could be open to malicious attacks whereby users can gain unauthorized access to files on your hard drive. That’s according to a new tech note from developer Brian Mastenbrook, who has taken matters into his […]

safari_icon

If you have Safari, on either Windows or OS X, you could be open to malicious attacks whereby users can gain unauthorized access to files on your hard drive.

That’s according to a new tech note from developer Brian Mastenbrook, who has taken matters into his own hands while we wait for an official fix from Apple. And good thing, too, since this vulnerability is apparently nothing to sneeze at, as attackers can easily get their hands on sensitive information stored in cookies, emails, etc.

Even if you don’t use Safari as your primary browser, you could still be at risk, if you haven’t selected  a different default feed reading application. That means you, OS X users. If you’re a Windows user and you don’t use Safari as your default browser, you should be in the clear.

Here’s the fix for OS X users:

  1. Open Safari and select Preferences… from the Safari menu.
  2. Choose the RSS tab from the top of the Preferences window.
  3. Click on the Default RSS reader pop-up and select an application other than Safari.

There’s currently no indication of when Apple will issue a fix, but they are aware of the problem, so keep an out for a Software Update coming soon.

You’re subscribed! If you like, you can update your settings

  1. Good job I cam across this post. Have a mac that I use when I’m travelling and was pretty confident about its security features in safari when I’m looking ovber the internet and checking my email.

    Looked at the information to the ‘quick fix’ as you’ve suggested and, for a non computer literate (well, ok I suppose but not great), looks as though it shouldn’t be too complicated to implement even for me.

    So, thank you for the information, hopefully shouldn’t have anything bad happen in the future as the laptop I have is vital when I go travelling.

  2. Why You Shouldn’t Use IE Saturday, January 16, 2010

    [...] OS X And Safari Vulnerabilities Patched By Apple In Security Update 2009-001 | CyberInsecure.com Safari RSS Security Vulnerability Comes to Light Reply With Quote   + Reply to Thread « Easily test in [...]

  3. Security is a big deal… Safari & OS X » Prints Charming Photography Monday, February 1, 2010

    [...] today I found out another security vulnerability issue, this time with Safari and Mac OS X. It was announced just hours ago, so if you’re a Mac user [...]

Comments have been disabled for this post