Microsoft Security Advisory (953818): Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform

Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.

At the present time, Microsoft is unaware of any attacks attempting to exploit this blended threat… Apple Support has released a security advisory that addresses the vulnerability in Apple’s Safari 3.1.2 for Windows. Please see Apple security advisory About the security content of Safari 3.1.2 for Windows for more information.

Mitigating Factors:

•  Customers who have changed the default location where Safari downloads content to the local drive are not affected by this blended threat.