Apple's Safari browser is apparently vulnerable to an attack that allows files to be read on a hard drive.
Open source software developer Brian Mastenbrook claimed that no user intervention is required to read files on a user's hard drive. He claimed that the vulnerability has been acknowledged by Apple but it has not made information available on when a fix for this issue will be released.
Mastenbrook said: “Users of Firefox, Camino and Opera on Mac OS X are substantially better protected against exploitation by a malicious web page than users of Safari or OmniWeb. If users of these browsers are asked to open a link in Safari, they should not allow the request and close the page that triggered the request immediately.
“All users of Mac OS X may still be affected by clicking on a malicious link from their email client, instant messaging program, or another application. Users of Safari on Windows are also affected. The only workaround available for users of Safari on Windows is to use a different web browser.”
Mastenbrook recommends downloading and installing the RCDefaultApp preference pane to work around the issue.