In case you missed this over at TUAW this morning.
A zero-day vulnerability in Safari that could litter a user’s desktop (or downloads folder) with arbitrary files is a serious security flaw, argues ZDNet, and not a mere “annoyance” as Apple claims.
In theory, a user must click a link to visit a malicious website that can begin downloading arbitrary files (including applications) to the user’s computer without their permission. The problem affects both the Windows and Mac versions of Safari.
If you are using Safari (Mac or Windows), just be careful where you click. And be sure to pass this along to your other Safari using friends that you know don’t read any of ‘the blogs’.
