So, Turkey Day and all that. Enjoy.
However, there’s another possible Safari exploit floating around out there that once again points out a key bit of configuration advice every Mac user should follow immediately.
Open Safari
Choose the Safari menu (upper left, next to the blue apple) and pick Preferences
Click “General” on the left hand side
Find the option that says “Open ‘safe’ files after downloading”
MAKE CERTAIN THIS OPTION IS ABSOLUTELY NOT CHECKED OR ENABLED.
That is all. It’s a stupid security hole Apple uncharacteristically created by allowing Safari to open (read: execute) certain “safe” files as soon as you download them. With it off, you’ll have to do it yourself. The difference is key; some nefarious sites may send unexpected files with nasty payloads, which Safari would then open automatically. Whups!
With the option off, this can’t happen — unless, of course, you decide on your own to open the weird, unexpected file on your own. And you know not to do that, right?
Happy Turkey Day.