Leave a Comment

Safari RSS vulnerability might reveal your personal data
The Unofficial Apple Weblog (TUAW) — Filed under: SecurityWhen reports of security issues in Apple's Safari browser come over the transom, they get our attention. When they're exploitable in both the Mac and Windows versions of Safari, they get our full and undivided attention. When the person reporting them is Brian Mastenbrook (credited with discovering multiple previous vulnerabilities in Mac OS X)... well, someone shut off that damn klaxon and let us get back to work. In this case, the issue is that a hole in Safari's handling of RSS feeds could allow an attacker (via a ...

Security flaw in Safari's RSS feeds reported
AppleInsider — ... as emails, passwords, or cookies that could be used to gain access to the user's accounts on some web sites." According to Mastenbrook, Mac OS X Leopard users should change their Default RSS reader preference to another feed reader.  Possible solutions include Mail and  NetNewsWire . Safari for Windows users should use a different web browser until the security hole is patched, he said. Mastenbrook has a credible reputation for bug reporting, with  no fewer than four  mentions, by name, in previous Apple release notes.