Stay Away From Safari, Warns Microsoft
Microsoft advises Windows users to forget about using Apple's Safari browser for the time being, due to a vulnerability that would allow attackers to download and run executable files onto unprotected machines.
June 2, 2008
The company published an advisory on May 30 that reads the following:
“Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.
At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat. Upon completion of this investigation, Microsoft will take the appropriate measures to protect our customers. This may include providing a solution through a service pack, the monthly update process, or an out-of-cycle security update, depending on customers needs.”
According to the advisory, the threat doesn't affect users who changed the default location where Safari downloads content to the local drive.