Apple update fixes Safari critical flaw

By Derek Sooman on March 3, 2006, 7:26 AM
Apple yesterday released a security update that deals with multiple vulnerabilities, in particular a critical flaw in its Safari web browser. The problem in question meant that malicious hackers could rename extensions stored in ZIP archives, and could then trick users into executing malicious shell scripts.

The flaw meant malicious applications could appear as a safe file type. If Mac users had left the "Open safe files after downloading" option enabled in Safari then malware would automatically be executed as soon as a user was tricked into visiting a malicious-constructed website. Security researchers produced a proof of concept demo to validate their concerns about the critical flaw.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.