“In what is being described as a ‘highly critical’ vulnerability, security firm Secunia on Monday issued an advisory to all Mac OS X users that surf the Web with Microsoft’s Internet Explorer or Apple’s Safari Web browsers,” Jim Dalrymple reports for Digit Magazine. “The result of the vulnerability, which has been confirmed using Safari 1.2.1 (v125.1) and Internet Explorer 5.2, is that it is ‘possible to place arbitrary files in a known location, including script files, on a user’s system if the Safari browser has been configured to (‘Open ‘safe’ files after download’) (default behavior) by asking a user to download a ‘.dmg’ (disk image) file.'”
Secunia recommends opening Safari preferences and uncheck “Open ‘safe’ files after download.”
Full article here.