Windows and Safari mix like virus-vulnerable oil and water, Microsoft warns, and Windows users should stop surfing with Apple’s web browser until the security holes have been patched. The “blended threat” combines a bug in Safari that downloads files to the desktop automatically and a vulnerability in how Windows XP and Windows Vista handle executable files there.
A “carpet bomb” attack could easily download malicious code, a security expert warned. Apple doesn’t consider the problem a security risk, but anti-malware groups have criticized the company for that position. Apple “believes that for the majority of consumers, issuing an advisory without a patch would probably just create FUD,” one industry expert told ComputerWorld. That's fear, uncertainty, and doubt.