Apple has declared that the carpet bombing bug in Safari is not a security hazard. If you use Safari, anyone can create a website that will automatically download programs or anything at all onto your computer. If you use Windows, the programs and whatever will be placed on your desktop, giving you hundreds or maybe thousands of icons on your desktop. If you use a Mac, the downloads will be placed in your Downloads folder. Whether you suddenly get hundreds or thousands of such downloads on your system, without your doing even a single thing, depends on how malicious that website is.
You don’t have to do anything for this to take place. You won’t even be notified when it happens. It just works. 🙂
I guess Apple doesn’t think this carpet-bombing-automatic-downloads is a problem, since they themselves automatically download Safari onto your system when you update Itunes. It will be too hypocritical, I imagine, to say that other websites doing the same thing are wrong when they do it themselves.