SANS – Internet Storm Center – Cooperative Cyber Threat Monitor And Alert System : “We received notice from Juergen Schmidt, editor-in-chief at heise.de, that a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.”
So… the .scp Outlook exploit has come to OS X. Grand. I guess the honeymoon is over.
(Via SANS Internet Storm Center.)