Apple Fails To Patch Safari After Two Years

Two years after releasing a security patch for its Safari for Windows web browser, Apple has refused to release a patch for the browser's Mac counterpart.

The Safari flaw, first reported by security researcher Nitesh Dhanjani, involved a technique known as 'carpet bombing', which could be used in conjunction with another Windows vulnerability to run malicious software on a PC.

Although it remains to be seen if the flaw can be exploited using a Mac, many believe it wise to test and fix the potential problem before somebody does exploit it.

In an interview, Nitesh Dhanjani said: “I told Apple about it two years ago, and they responded back, saying it was more of an annoyance than anything else.”

Dhanjani explained that in a carpet bomb attack, malicious websites begin to download virus laden software on to the PC.

Safari is affected by this type of attack because it saves files automatically without asking users first.