An open source software engineer with a history of uncovering flaws in Mac OS X, claims to have uncovered a security vulnerability in Apple’s web browser Safari, affecting both Windows and Apple Mac users.
Brian Mastenbrook has blogged that a serious vulnerability in the way that Safari handles RSS feeds could be abused by hackers to gain access to any file on your hard drive.
It’s important to realise that at the moment there is no reason to believe that the vulnerability is being exploited in the wild. Given Mastenbrook’s track record at finding flaws it would seem sensible to take his warning seriously, and he reports that Apple has acknowledged the existence of the vulnerability to him.
Mastenbrook offers a simple workaround for Apple Mac users – he says they should select a different feed reader in their preferences…
Read more in my article on the Naked Security website.