Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apples Safari for Windows has been installed.
Customers who have changed the default location where Safari downloads content to the local drive are not affected by this blended threat.
just did-thanks-i didn't know i was a customer-i thought i got Safari for FREE ;D
but don't download using Safari in the first place-just did that as a precaution ::) :D
Well you know this can happen because the Safari browser cannot be configured to obtain the user’s permission before it downloads a resource. Safari downloads the resource without the user’s consent and places it in a default location (unless changed). Since Safari does not know how to render content-type of blah/blah, it will automatically start downloading carpet_bomb.cgi every time it is served. Therefore Microsoft’s advice not to use Safari any longer on their OS until there is a fix. This combined Safari/IE vulnerability might still be successfully exploited, even if the user will change Safari’s download location, so the workaround is no solution, and both Microsoft and Safari should come up with a patch, because IE is also involved in this,
non-alcohol don’t touch the stuff anymore 8)
with a good salad maybe
and what may be a good alternative browser besides ff since i just removed apple software update and the carpet bomb thing safari ???
I became quite impressed with The World browser, get it from here: http://www.ioage.com/en/index.htm
Nice skins on their forum, like the skin Lucky Red Go back one page and forward are a fan, etc.
So we will give you lychee fruit with ginger balls and whipped cream
Java script is probably going to play a significant role in web-based application competition against Microsoft OS-centered governance and its Silverlight. Firefox, Safari and Opera are all in java script side and competing in how quickly and correctly they are able to load applications and information. So, for users, it’s nice to see these three competing each other. Opera and Safari (with SquirrelFish waiting to be implemented) seems to be way ahead about this while Firefox allows the users to take control on applications and information through add-ons, which is probably going to become more important in the coming era of web-based application. That said, as a user, ultimately, I’d like to have non-superficial, meaningful choices in my hands.
Considering the background, I cannot but wonder if this is related with some political string of Microsoft against Safari? Information itself is probably true but I cannot but feel a political string, too. I wouldn’t go too much into the speculation, either, though.
Microsoft has every right, Since the program is running on their OS. Just as Apple would have the right to post a security bulletin if a Microsoft program was causing problems on their OS.
this is an avast forum. Forgive me but I do not believe that any of the posters here is showing an anti-Apple bias but honestly reporting from other places.
Nevertheless, in fairness to .: Mac :. it may well seem that posts about “stop using Safari” is a rather red flag comment and if it had said “my favorite blog says stop using Firefox” might well have met rather more opprobrium and if it was “my favorite blog says stop using avast” the poster may well have been just taken out and lynched.
We get a lot of good facts here mixed with a fair amount of opinion of variable worth … and sometimes it may be a tug to decide which we react to and which we let pass. Most of our friends here are just trying to present honest information - if we do not like it let’s be honest and say so but let’s try our best to not characterize posting here as an issue of “hate”.
Er…it may sound bit conspiracy theorist but red flag…? Apple is another company in free market economy. Open source in general is often criticized as “red flag” but, as far as Firefox concerned, it has some back-ups from some companies such as Google…so, things are not so clear cut.
Re-reading my previous comment, I find it may be misleading: Microsoft Silverlight is not exclusive and planned for Opera and usable on Mac. That said, as a user, I don’t think it is good for a single organization to become overly dominant in terms of free choices of users.
I don’t hide the fact that I am using Antivir and other payed products as well as Avast but I am not “lynched” yet here. ;D
Nevertheless, in fairness to .: Mac :. it may well seem that posts about "stop using Safari" is a rather red flag comment and if it had said "my favorite blog says stop using Firefox" might well have met rather more opprobrium and if it was "my favorite blog says stop using avast" the poster may well have been just taken out and lynched.
There is a tremendous amount of loyalty to Avast here on the forums. If someone came in here and told people to stop using avast you would be all over them.
I am only interested in the security implications of what I read here, and that is also the link to these postings appearing here in the avast security forums, but we have no blinders on here, and a lot of related things are reported and tested to come to a better opinion. I for instance have a Minefield litmus account to help the Firefox QMO crowd with the beta-testing of FF 3.0 pre. A browser is like a pair of gloves, this pair suits this person, that pair of gloves is better suited to another. If I was a searcher and into searchlores the browser for me should be Opera, if I was in Web 2.0 and writing my own blogs online I would choose Flock 1.1. Etc. and so forth, so many people so many choices, drop the insecure options like Browzar, obsolete DocZilla etc… But this is not what we have here: there are flaws in two applications that are dangerous when brought together on Windows XP and that is the embedded Internet Explorer of Windows combined with the Safari Browser on Windows, we saw it with IE and Firefox and we can mention other examples. Now the cat and mouse game starts about who is to patch first and who is to blame for the inconvenience, And to be honest where two quarrel two are at fault, well this is mostly the case. A browser application should not put malware all over an OS. There is something wrong also with the OS that allows that to happen. But then again it is closed software and nobody knows what skeletons are out there hanging in Microsoft’s cupboard, and we have not discovered about them. Patch on, wait for next Tuesday…