@RC: Actually, in this case the attacker instructs the victim's computer to download onto the user's desktop or upload from the user's desktop, as was correctly described in the article.
It's a simple matter of perspective. Even though the commands come from the attacker's side, no file share has been opened on the victim's computer that could accept an upload or offer a download, so the victim is not acting as a server. The 'client' mentality/perspective remains with the victim because it's the victim's machine that is initiating requests to servers that are offering or accepting files; so files arriving are being downloaded and files leaving are being uploaded.
If you're going to nitpick and criticize other people about something this trivial, it helps to know what you're talking about; it keeps you from looking like a jerk.