A security researcher has published a demonstration exploit that takes advantage of the download mechanism in Apple's Safari browser to automatically download files onto a user's system. bNevertheless, Apple said it does not consider the issue a security vulnerability, according to Nitesh Dhanjani, a researcher who currently leads application security efforts at professional services company Ernst & Young.
Enterprises have begun paying closer attention to Safari in recent weeks because of a rise in the browser's market share on Windows. Safari is the built-in browser on Mac OS X. The problem arises "because the Safari browser cannot be configured to obtain the user's permission before it downloads a resource," Dhanjani said in a recent blog post.
View: The full story @ PCWorld
13 Comments - Add comment