Slashdot Mirror
Microsoft Urges Windows Users To Shun Safari
benjymouse writes "The Register has picked up on a recent Microsoft security bulletin which urges Windows users to 'restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple.' This controversy comes after Apple has officially refused to promise to do anything about the carpet bombing vulnerability in the Safari browser. Essentially, Apple does not see unsolicited downloads of hundreds or even thousands of executable files to users' desktops as being a security problem." Now while downloading a hundred files to your desktop won't automatically execute them, Microsoft's position is that a secondary attack could execute them for you.
Therefore, I should urge Windows users not to use IE after dropping Safari.
You just never know.
Ignore this signature. By order.
Microsoft urges users to shun anything that they don't sell.
This is a story?
* Carthago Delenda Est *
Some drink at the fountain of knowledge. Others just gargle.
The irony level in this situation is simply astounding. Secondary attack can cause execution of said downloaded binaries? What about all that malicious content that Internet Exploiter happily executes for the user with nary a warning or confirmation?
So it has been 5 or more years since you have used Windows or IE uh? IE has blocked ActiveX and any other local execution for a long time. (Notice there haven't been rampant IE attacks using local execution in a long long time.)
Currently the most secure way to browse the Internet is IE on Vista, as it runs with lower than user permissions(Protected Mode), so even if a exploit did manifest, it can't even touch user files/folders. (And yes I know this will make 99% of SlashDot cringe or go WTF, but it is sadly true.)
You shouldn't comment on crap you apparently don't understand.