Slashdot Mirror


Safari "Carpet Bomb" Attack Code Released

snydeq writes "A hacker has posted attack code that exploits critical flaws in the Safari and Internet Explorer Web browsers. The source code can be used to run unauthorized software on a victim's machine, and could be used by criminals in Web-based computer attacks, security experts say. The public example of the attack code allows attackers to litter a victim's desktop with executable files, an attack known as 'carpet bombing.' In combination with bugs in Windows and Internet Explorer, attackers can run unauthorized software on a victim's computer."

7 of 118 comments

  1. Best Solution by Skye16 · · Score: 2, Interesting

    Clearly the quickest way we can get Apple to fix this is to host this attack on all of our own websites, with the .exe in question being the uninstall program for Safari.

    As soon as the attack centers on an Apple product, they'll start moving their ass. Until then, it's "not [their] problem".

  2. Re:Quick Workaround... by Khyber · · Score: 2, Interesting

    Do you know WHY IE likes to load stuff from the desktop?

    If you disable active web content on your desktop (thus only allowing .bmp backgrounds, IIRC) I'll bet half this wouldn't happen. IE is integrated into the desktop so for it to run shit from the desktop makes sense.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.

  3. MSFT needs to fix this ASAP by aristotle-dude · · Score: 2, Interesting

    Having Apple change the default location from ~/Desktop to something else only for Windows would not solve the real problem. The real problem is that Windows should be doing the flagging of the file as potentially unsafe, and IE should not be loading DLLs placed on the desktop regardless of how they got there. It is not the responsibility of the browser to flag a file as potentially unsafe. Windows should either provide a well-documented API for setting an unsafe flag on downloads separate from any IE/IE7 code, or Windows should be monitoring downloads and flagging them.

    Regardless of what the default is in Safari or even Firefox, a user can still change that default to anything they want including the desktop.

    As others have pointed out, the downloads folder is a Leopard specific feature used by Safari when running under Leopard and the executable warning thing is also a Leopard feature.

    --
    Jesus was a compassionate social conservative who called individuals to sin no more.

  4. Re:Quick Workaround... by Fast+Thick+Pants · · Score: 2, Interesting

    In this case the shortcut to IE is launching the program with the user's desktop as current directory. Hold the phone -- after several tests using CastrTroy's method, it appears that it doesn't matter one lick what the current directory is: IE will always give preference to executables on the desktop. 1) Eating crow and 2) Yikes! I still think Apple will be able to fix this first, and should.

  5. Who uses safari for windows and IE? by wattrlz · · Score: 3, Interesting

    Personally I think the bigger issue is that Safari will auto-download, auto-mark-safe, and auto-run files silently. IE's broken too, but either one of the players involved could render this exploit moot. Let's see who responds first before stoning someone to death.

    I still don't see why someone would be browsing around in safari and then open up IE. A regular user's likely to only use his favorite browser and a dev who needs to view the same site in multiple browsers would probably notice that there're a bunch of new .dll files all over the desktop.

    1. Re:Who uses safari for windows and IE? by mkramer · · Score: 2, Interesting

      Who uses safari for windows, period?

      But on my PC, I have Mozilla as my default browser, but Picasa and Visual Studio still insist on using IE when they need to do web stuff. I'm sure I could override that, but I haven't bothered.

      IE being the system's browser leaves it easy to be accidentally opened, methinks.

      But I'm in agreement that if Windows provides a mechanism for marking files as unsafe, it's Safari's fault for not taking advantage of that. Apple can't blame Microsoft for being at fault if they're not using the security mechanisms that Microsoft has put in place.
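Added example, not part of the thread and not code from Apple, Microsoft or the person who published the attack. The "mechanism for marking files as unsafe" that aristotle-dude and mkramer refer to above is the NTFS Zone.Identifier alternate data stream, which Internet Explorer's Attachment Execution Service writes onto a download (a file with ZoneId=3, the Internet zone, gets the "Open File - Security Warning" prompt when it is run from the shell). A download that lands on the Desktop without that stream is exactly the carpet-bomb residue the summary describes. The script below lists executables and DLLs on the current user's Desktop, reports which ones carry no Zone.Identifier stream, and can optionally stamp the unmarked ones as Internet-zone. It assumes an NTFS volume and PowerShell 3.0 or later (the -Stream and -File parameters); the folder path, the extension list and the -Stamp switch are choices made for this example.

```powershell
# Added example (not from the thread): audit Desktop executables for the
# Zone.Identifier alternate data stream and, on request, stamp unmarked
# files as coming from the Internet zone (ZoneId=3).
# Assumes NTFS and PowerShell 3.0+. Folder and extension list are assumptions.
param(
    [string]$Folder = (Join-Path $env:USERPROFILE 'Desktop'),
    [switch]$Stamp   # when set, write a ZoneId=3 stream onto unmarked files
)

# File types the shell will execute or IE/Windows will load by name.
$riskyExtensions = '.exe', '.dll', '.scr', '.com'

$files = Get-ChildItem -Path $Folder -File |
         Where-Object { $_.Extension.ToLower() -in $riskyExtensions }

foreach ($f in $files) {
    # Get-Item returns nothing (no error) when the stream is absent.
    $zone = Get-Item -Path $f.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue

    if ($zone) {
        # Stream body looks like "[ZoneTransfer]`r`nZoneId=3"; pull out the zone id.
        $content = Get-Content -Path $f.FullName -Stream Zone.Identifier -Raw
        $id = if ($content -match 'ZoneId=(\d+)') { $Matches[1] } else { '?' }
        "{0,-40} marked, ZoneId={1}" -f $f.Name, $id
    }
    else {
        "{0,-40} UNMARKED (no Zone.Identifier stream)" -f $f.Name
        if ($Stamp) {
            # Same content IE writes for an Internet-zone download.
            Set-Content -Path $f.FullName -Stream Zone.Identifier -Value "[ZoneTransfer]`r`nZoneId=3"
            "{0,-40} stamped as Internet zone" -f $f.Name
        }
    }
}
```

Run it as-is to get the report, or with -Stamp to apply the mark. One caveat that matches what Fast+Thick+Pants and deke_kun say further down: the Zone.Identifier prompt only fires when the shell launches a file. It does nothing for a DLL that a process loads implicitly by name, so stamping a planted DLL on the Desktop still leaves the load-from-desktop behaviour to be fixed on the IE/Windows side.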

  6. Re:It is a safari flaw by deke_kun · · Score: 2, Interesting

    I have no issue with a browser automatically downloading files. There is a reason quarantined dropboxes exist. If you're not smart enough to notice the difference between My Computer.exe and an authentic shortcut then that is entirely your fault.

    This issue is about the execution of code WITHOUT user interaction.

    You can have an argument about the pros and cons of the Safari Feature somewhere else. This is not the problem here.