This is Tim Rains.
Very quickly, I wanted to let you know that we’ve just posted Microsoft Security Advisory 953818. This security advisory talks about new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari web browser for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default: it must be installed independently or through the Apple Software Update application.
If you run Safari on the affected platforms, we encourage you to review this advisory.
We’ve activated our Software Security Incident Response Process (SSIRP) and are working with our colleagues at Apple to investigate the issue. We have identified steps customers can take to protect themselves in the workaround section of the advisory.
We are currently not aware of any attacks and are monitoring the issue and are working with our MSRA partners to help protect customers. We will update the advisory and this blog as new information becomes available.
*This posting is provided “AS IS” with no warranties, and confers no rights.*