The flaw can be exploited if the Mac user has enabled an option in Safari to “open safe files after downloading,”
Secunia said in an advisory Thursday. The security company has rated the problem “highly critical.”
“It is never good to have something open automatically when you download it, so users should disable this automatic feature in Safari,”
said Thomas Kristensen, Secunia’s chief technology officer.