The best part about owning a PC is knowing that at any time, a newly discovered security flaw could be exploited on your system. Well, maybe that is not the best part, but it is certainly a part we are all familiar with. Recently, a bug discovered in Safari was disclosed, one that was interesting if not just annoying – it opened up a hole in which an attacker could place a bunch of executable files on the desktop of the machine that was compromised. Annoying, maybe, but if you were keen on what was on your desktop it wouldn't be too dangerous.
Now, however, the scope of that security flaw has widened
. It seems that in conjunction with the flaw, another flaw in a separate browser, IE, can also be exploited. Together they spell trouble, this time in the form of a system compromise. The IE flaw allows code to be executed on the machine, which in turn most likely leads to a machine taken over.
The flaw doesn't take a lot of effort, only requiring someone visit a maliciously crafted webpage. Given that even high profile sites
run by industry “leaders” can be hacked, accidentally visiting a nasty page isn't that rare. There is currently no fix for either IE or Safari. This bug is in a small group of bugs that have come to light in the past few years that require certain combinations of software to be installed.