A new vulnerability in Safari for Windows has been confirmed by the U.S. Computer Emergency Readiness Team (US-CERT). The team said it had confirmed the exploit for the Windows version of Safari 4.0.5, but that “other versions may also be affected.”
The exploit makes it possible for the bad guys to take over your PC when the victim pulls up a maliciously crafted HTML document. The research advisory issued said, “By convincing a victim to view an HTML document (web page, HTML e-mail, or e-mail attachment) with Apple Safari, an attacker could run arbitrary code with the privileges of the user running the application.”
At issue is a problem with how Safari handles references to Window objects, according to US-CERT. The short version is that Safari can allow a window within the app to be closed while allowing references to that window to persist. Javascript code can then be used to exploit this reference in such a way that allows the bad guys to control your computer.
Apple has not yet released a patch for the hole, but US-CERT said that disabling Javascript could mitigate the exploit. The advisory also emphasized that users not follow unsolicited links (say in spam e-mail), but that a trusted site that had been compromised could still include a hacked Web page that leads to an attack.
US-CERT attributed Krystian Kloskowski for disclosing the vulnerability.