Nasty little exploit in OS X. There's a proof of concept test at Secunia.com (click on the "Test Now" link). You can make Safari immune to this by disabling the "Open safe files after downloading" option in the preferences. Slashdot has more.
Seriously folks, this is a *really* nasty hole in Safari and you should unckeck that option as soon as possible.
Seriously folks, this is a *really* nasty hole in Safari and you should unckeck that option as soon as possible.