Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari "Carpet Bomb" Attack Code Released

Posted by timothy on from the nogoodniks dept.

snydeq writes "A hacker has posted attack code that exploits critical flaws in the Safari and Internet Explorer Web browsers. The source code can be used to run unauthorized software on a victim's machine, and could be used by criminals in Web-based computer attacks, security experts say. The public example of the attack code allows attackers to litter a victim's desktop with executable files, an attack known as 'carpet bombing.' In combination with bugs in Windows and Internet Explorer, attackers can run unauthorized software on a victim's computer."

3 of 118 comments (clear)

  1. Re:Secure from the ground up! by spud603 · · Score: 5, Informative

    RTFA. Actually, it looks like this is a windows problem. Safari automatically downloads a file to the desktop. Then when you start Internet Explorer it runs the file on your desktop and there is the problem.
    So the real issue is that Safari can be told to automatically download a file while internet explorer will automatically run a malicious dll from the desktop. actual post and proof-of-concept code here.
    seems like a misleading summary to me.

  2. Re:Secure from the ground up! by Richard_at_work · · Score: 5, Informative

    Read Slashdot: Microsoft Urges Windows Users To Shun Safari - it explains what happens in more detail.

    Basically, on Windows Safari automatically downloads files, in imitation of its behavior on OSX, but whereas on OSX it downloads them to a nice ~/Downloads directory on Windows it downloads them to the desktop. Also, on OSX Safari tags the downloaded file as 'unsafe', but it fails to use the Windows functionality to do the same on Windows. This leaves a whole load of files that you never asked for or wanted lying around on your computer in a state that is one step away from being executed.

    This 'attack' allows a malicious person to force Safari to dump thousands of files on your desktop, which in and of itself is not a nice thing, but when coupled with other exploits it can lead to code execution of these files you never wanted in the first place - whether those exploits are patched by the vendor (Microsoft) or not, we both know that a significant portion of desktops are not kept fully up-to-date with security releases.

  3. Re:This is a longstanding Windows flaw. by brunascle · · Score: 5, Insightful

    I'd say it is a security flaw in Safari, but for different reasons. As the same blog explains, you could have Safari download an executable to the desktop that pretends to be e.g. Internet Explorer. If they normally launch IE from the desktop, they could click the fake IE next time, running arbitrary code.