Archive for June, 2008

Protection against Safari

Microsoft has issued a Security Advisory to alert folks to a security risk if they are running Apple’s Safari web browser on a Microsoft system. (www.microsoft.com/technet/security/advisory/953818.mspx)

What is the issue? The Safari web browser doesn’t prompt users before downloading and saving files to their system. In contrast, both Internet Explorer and Mozilla Firefox prompt users before saving downloaded files to the system.

This ‘oversight’ on Apple’s part can put users at risk. Specifically, visiting a malicious website with Safari can cause an unintended download of software to the machine. This software can also be automatically executed on the machine – all without the user’s consent. In short – a very bad thing.

While Apple considers adding a ‘feature’ to prompt users before downloading files, and while Microsoft ponders if it can do anything via a security patch, the best advice is not to use Safari.

(Shavlik customers running NetChk Protect can perform a NonBizWare spyware scan to help identify Safari installations and automatically remove them as desired.)

Leave a comment »