Microsoft has released a formal warning to Safari users and urged them to stop using Apple's web browser until the company comes up with a patch to close the vulnerability which affects all versions of Windows XP and Vista.
The Microsoft advisory (opens in new tab) describes how the blended attack could potentially affect millions of Windows Safari Users.
According to Secunia, the issue is caused by a combination of processes related to the default download location in Safari and the way Windows desktop handles executable files.
By default, Safari doesn't request user intervention when it comes to downloads, something which Nitesh Dhanjani, an independent security researcher said could lead to a "carpet bombing" attack with hackers specifically targeting Safari users.
Should the computer user visit a malicious website and download any compromising file, the flaw could potentially allow a hacker to remotely execute malware and take control of the host computer.
One temporary solution would be to set the download section in Safari to something other than "Desktop" while other observers have already called for users to dump Safari and use alternative browsers until a patched version is released.