Apple Patches Safari "Carpet Bomb" Security Flaw

3:00 PM - June 20, 2008 by Jane McEntegart

Apple has released a new version of Safari for Windows, fixing a critical bug that allowed attackers to download files onto a user's desktop.

Microsoft announced the bug a couple of weeks back, advising customers using Safari to restrict their use of the browser until an appropriate update was available from Microsoft and/or Apple.

When Apple was first notified of the bug in Safari, it didn’t seem to be in any rush to fix it. According to the Washington Post, security researcher Nitesh Dhanjani spoke to Apple and Microsoft about the bug and suggested that Apple add a feature to Safari that asks the user’s permission before downloading anything. Apple told Dhanjani that while the company thought this was a great idea and would forward it to the Safari team, it was not treating it as a security issue but rather as a way to stop unwanted downloads.

Originally, it was reported that the bug was basically a hole that allowed an attacker to carpet bomb a user by downloading files to their desktop. However, it then emerged that, when coupled with a bug in Internet Explorer, it let attackers run programs on a victim’s computer without their knowledge.

Safari 3.1.2 now notifies a user before downloading anything to their computer, and Apple has also changed the default location for files downloaded using Safari. Instead of saving directly to the desktop, Windows XP downloads will go to users’ Documents folders and Vista downloads will be saved to the Downloads folder.

Click here to download the newest version of Safari.

Source : Tom's Hardware

Talkback
royalcrown 06/21/2008 8:02 PM

Wouldn't that be upload onto a user's desktop and download from a user's desktop, Jane?

If you're gonna write tech, it helps to know the jargon, keeps you from sounding green :)

nekatreven 06/21/2008 9:26 PM

@RC: Actually, in this case the attacker instructs the victim's computer to download onto the user's desktop or upload from the user's desktop; as was correctly described in the article.

It's a simple matter of perspective. Even though the commands come from the attacker's side, no file share has been opened on the victim's computer that could accept an upload or offer a download, so the victim is not acting as a server. The 'client' mentality/perspective remains with the victim because it's the victim's machine that is initiating requests to servers that are offering or accepting files; so files arriving are being downloaded and files leaving are being uploaded.

If you're going to nitpick and criticize other people about something this trivial, it helps to know what you're talking about, keeps you from looking like a jerk.

Anonymous 07/18/2008 4:37 PM

Thank you nekatreven for taking the time to remind someone that it helps to think before posting. Of course, in common knowledge/usage, this process was also obvious to everyone else.
