Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Microsoft Security Advisory (953818)
Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.

At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat. Upon completion of this investigation, Microsoft will take the appropriate measures to protect our customers. This may include providing a solution through a service pack, the monthly update process, or an out-of-cycle security update, depending on customers needs.

Mitigating Factors:

•    Customers who have changed the default location where Safari downloads content to the local drive are not affected by this blended threat.

http://www.microsoft.com/technet/security/advisory/953818.mspx

Leave a Reply