A week after the report made by Researcher, Nitesh Dhanjani, to Apple that the users who are using Safari as a web browser will be facing a serious security threat to their Windows Operating System if they visit any malicious website, Microsoft has issued a public notice to advice all Windows users to stop using Safari as a web browser until the investigation conducted by Microsoft has completed or any appropriate update announced by Microsoft and/or Apple.

Nitesh Dhanjani has reported to Apple that the Safari browser seems to have bugs and it automatically downloads certain files without users’ permission. When users browse to malicious sites, users’ desktop will be forced to download and execute malicious files without prompting any message or notice. The browser is so obedient and performs whatever it is told. The Safari browser cannot be configured in order to obtain users’ permission before it downloads any resource.

Safari is not a default browser in any Windows OS. It is installed independently by users. In regard to this so call carpet bombing vulnerability, Apple’s security team has remarked that they didn’t see the problem as a significant threat. Their researcher has communicated and informed Dhanjani that this problem will be fixed at some point down the road and it could take a while. Despite the statement from Apple, for security reason, if users continue using Safari as a web browser, please be more careful.

Related Posts