Open source developer, Brian Mastenbrook has reportedly discovered a vulnerability in Safari's RSS feed feature.
The vulnerability allows malicious websites to read files on a users hard drive. According to the developer, Apple has acknowledged the security flaw.
OS X 10.5 and Windows users of Safari are affected by the vulnerability. Leopard users should choose another feed reader, while Windows users should cease using Safari all together until the issue is dealt with by Apple.
To change your default RSS feed reader in Safari for OS X, follow the instructions below:
1. Open Safari and select Preferences... from the Safari menu.
2. Choose the RSS tab from the top of the Preferences window.
3. Click on the Default RSS reader pop-up and select an application other than Safari.
Be careful out there folks.
fmindlin
January 20, 2009 at 6:10am
I followed Mastenbrook's instructions and disabled Safari's RSS, but I can't find a replacement -- what's a secure open source alternative?http://www.thedigitalstoryteller.com/ http://www.SeflaJoseph.com/ http://www.pvarts.org
