Update your Safari browser as soon as possible! According to SecureMac, if you have the older version of the browser, your computer might be in danger--both Macs and PCs. Malicious websites are known to steal files from the local systems using the Safari beta by just visiting them.
The attack occurs when an Xml eXternal Entity (XXE) is planted against the parsing of the XSL XML.
To update your Safari to the latest version, launch "Software Update" on your computer.
Comments
Print
Email
Links:
[1] http://www.maclife.com/user/jc_domingo
[2] http://www.maclife.com/article/news/local_file_theft_though_safari
[3] http://www.securemac.com/safari-xsl-xml-vulnerability.php
[4] http://scary.beasts.org/security/CESA-2009-006.html