4null4.de is giving us an English overview of a Safari security hole reported by the IT portal Heise Online.
The security hole hinges on a preference being checked. I’ve yet to figure out whether or not this option is checked in a default installation of Safari. Mine was checked.
Either way, it could be bad, very bad. Until a security fix comes along, go to the Safari menu, choose Preferences…, and under “General” uncheck the checkbox that says “Open “safe” files after downloading”.
I tried their proof of concept, and sure enough, a Terminal window opened, with a message indicating I’m vulnerable.
update 2/20: English version of the original article, from the source.
update 2/21: Secunia, Macworld, Slashdot are initiating coverage.