Apple Inc. has released a fix for a serious security flaw in the Windows version of the Safari Web browser, which allowed the download of software from a malicious Web site without giving the victim any advanced warning. The patch, part of a security update recently issued by Apple, has changed Safari in a way that it would first seek permission from a user before downloading an application from a Web site to the desktop. In a description of the patch, Apple seemed to place the blame on Microsoft, saying the vulnerability stemmed from “how the Windows desktop handles executables.”
Read the full article here