“Over the weekend, a Mac OS X user named Stephan posted a Web page demonstrating a vulnerability in Tiger’s Widget architecture that could allow malicious JavaScript programs to be installed automatically when visiting a Web site.” more…
[ via MacFixit ]