Slashdot Mirror


Microsoft Urges Windows Users To Shun Safari

benjymouse writes "The Register has picked up on a recent Microsoft security bulletin which urges Windows users to 'restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple.' This controversy comes after Apple has officially refused to promise to do anything about the carpet bombing vulnerability in the Safari browser. Essentially, Apple does not see unsolicited downloads of hundreds or even thousands of executable files to users' desktops as being a security problem." Now while downloading a hundred files to your desktop won't automatically execute them, Microsoft's position is that a secondary attack could execute them for you.

8 of 502 comments (clear)

  1. Re:Wow. Just wow. by cp.tar · · Score: 0, Flamebait

    Therefore, I should urge Windows users not to use IE after dropping Safari.
    You just never know.

    --
    Ignore this signature. By order.
  2. Quality of links by bwalling · · Score: -1, Flamebait

    Seems like the quality of linked sites on Slashdot has gone down over the years. These two links are from the Register and some guy's blog.

  3. Re:Wow. Just wow. by gb506 · · Score: -1, Flamebait

    I'm curious, what is your definition of a proprietary web browser?

  4. Apple urges Windows users to Shun IE by kurt555gs · · Score: 1, Flamebait

    Microsoft urges users to shun anything that they don't sell.

    This is a story?

    --
    * Carthago Delenda Est *
  5. Re:Wow. Just wow. by Anonymous Coward · · Score: -1, Flamebait

    Bollocks is it! Apple take the code, wait forever while they change it, then dump the complete source saying that's their contribution back. Ask the devs, this might as well not be done because they can't pick out the patches as you can with proper open source project and co-operative devs.

  6. Such as the mysterious second hit. by twitter · · Score: -1, Flamebait

    I could start a list of IE holes but you would be 95 before I finished. The easy place to start is the current article, where M$ claims people can remotely execute things on your computer. If M$ is not good enough a source, there are a variety of AV vendors with lots of good information on line. I think we both have better things to do.

    --

    Friends don't help friends install M$ junk.

  7. Re:Accidentents. --lol by goombah99 · · Score: 1, Flamebait

    Essentially, Apple does not see unsolicited downloads of hundreds or even thousands of executable files to users' desktops as being a security problem. The registers characterization chooses some pretty inflamatory prose. (surprise! it is the reg). But somehow I doubt apple does not see it as a problem. They just have not fixed it yet.
    --
    Some drink at the fountain of knowledge. Others just gargle.
  8. Re:Wow. Just wow. by TheNetAvenger · · Score: 0, Flamebait

    The irony level in this situation is simply astounding. Secondary attack can cause execution of said downloaded binaries? What about all that malicious content that Internet Exploiter happily executes for the user with nary a warning or confirmation?

    So it has been 5 or more years since you have used Windows or IE uh? IE has blocked ActiveX and any other local execution for a long time. (Notice there haven't been rampant IE attacks using local execution in a long long time.)

    Currently the most secure way to browse the Internet is IE on Vista, as it runs with lower than user permissions(Protected Mode), so even if a exploit did manifest, it can't even touch user files/folders. (And yes I know this will make 99% of SlashDot cringe or go WTF, but it is sadly true.)

    You shouldn't comment on crap you apparently don't understand.