MacWorld UK has reported that a fully up-to-date system running Safari 2.0.3 (417.8) and Mac OS X 10.4.5 is vulnerable to a recently discovered security flaw. It can be exploited by malicious people to compromise a user's system. The source of this flaw is the way Mac OS X Tiger processes the meta data of the file associations of Zip archives. To make things worse this exploit allows Safari to automatically execute malicious code when visiting a website.
One known way to avoid this vulberability is to disable the "Open safe files after downloading" option in Safari. If you want to test if your Mac is vulnerable Secunia is kind enough to provide a working demonstration.
div style="position: absolute; top: 30px; left: 30px; border: solid 2px #333; color: #000; background-color: yellow; padding: 5px; width: 350px; z-index: 5;">
The M&D blog has moved! Redirecting…
You should be automatically redirected. If not, visit http://www.macamour.com/blog/ and update your bookmarks.