Intology - Intelligent Technology News
Computers Technology Internet Arts Business Science Sports

Liu Die Yu, a security researcher has published proof-of-concept code for the blended Internet Explorer (IE)-Safari for Windows threat.

He shows that the “carpet bomb” exploit in Safari is caused by a design flaw in Internet Explorer.

Microsoft issued an advisory May 30, warning that Windows XP and Vista customers who have installed Safari on their machines should consider not using the browser until a patch is delivered.

According to Liu Die Yu:

A design flaw in Windows Internet Explorer, version 8 beta 7, and probably others, breaks the security of Safari for Windows shipped by Apple. Apple’s Safari for Windows downloads and saves requested file[s] to user’s desktop by default — this default behavior does not constitute a mistake.

He further said:

Windows Internet Explorer loads program library(DLL) from Desktop if the filename is set to some specific value. Two things added up, or “blended”, IE loads library file downloaded by Safari. The action of loading library runs code in the library file, and loading the wrong file results in executing the wrong code.

The problem originated from an error that Windows Internet Explorer will load some program library files(DLL) from user’s Desktop instead of its own library file folder(usually C:\WINDOWS\SYSTEM32). Apple’s Safari for Windows downloads and saves requested file to user’s Desktop by default - this default behavior itself does not constitute a mistake. Microsoft used some vague wording in the advisory: “Suggested Actions” are “Restrict use of Safari as a web browser …”, as if it’s a flaw rooted in Safari.

Microsoft suggests users “change the download location of content in Safari to a newly created directory” — for instance, c:\SafariDownload.

For details visit Liu Die Yu blog.