- Reaction score
- 1,724
Microsoft is warning that a previously disclosed in Apple's Safari browser could have dire consequences for Windows users.
The Safari bug, originally disclosed on May 15 by security researcher Nitesh Dhanjani, allows attackers to litter a victim's desktop with executable files, an attack known as "carpet bombing."
It turns out that if this flaw is exploited in combination with a second unpatched bug in Internet Explorer, attackers can run unauthorized software on a victim's computer, according to Aviv Raff, a security researcher. Raff says he originally reported the IE flaw to Microsoft more than a year ago, and then told them about how it could be combined with the carpet bombing bug just over a week ago.
The Safari bug, originally disclosed on May 15 by security researcher Nitesh Dhanjani, allows attackers to litter a victim's desktop with executable files, an attack known as "carpet bombing."
It turns out that if this flaw is exploited in combination with a second unpatched bug in Internet Explorer, attackers can run unauthorized software on a victim's computer, according to Aviv Raff, a security researcher. Raff says he originally reported the IE flaw to Microsoft more than a year ago, and then told them about how it could be combined with the carpet bombing bug just over a week ago.
Safari flaw worse than first thought, Microsoft warns
Microsoft is warning that a previously disclosed flaw in Apple's Safari browser could have dire consequences for Windows users.
www.networkworld.com
Last edited: