Serious Safari security flaw found

By on Jul 22, 2010 at 2:40 PM
Security July 22, 2010

SafariLogo

If you are a Mac user, and fancy Safari as your default internet browser, you are going to want to pay attention to this one. A bug found in Safari’s AutoFill feature can allow a malicious website to gather personal information from a users address book card — more specifically: first name, last name, work place, city, state, and email address. There is a published proof of concept exploit for the bug that can be found here. We suggest Safari users navigate to: Preferences > Auto-fill, and uncheck “Use info from my Address Book card” until Apple sorts this one out. Hit up the read link for more details.

Read

Tags:
, , , ,
67 Comments

Related Articles

  • Dan

    I wonder if ill get a bumper to fix this?

  • TONY

    @Ernie I’m typing from my iPhone. What credit should I give to Apple? Oh I know what credit you mean. My paycheck. Sure. I’ll just throw my money at apple while they continue to make products that are faulty. Stop being such a moron.

  • Electrofreak

    It’s kind of ironic that for years, Apple has been touting the security of their products when the primary reason for said security was a low interest in exploiting any flaws by the virus / hacking community because of the fairly small market share Apple controlled.

    Now that Apple has become a more significant player, their products are gaining a lot more attention…

    Jobs, I hope you’re ready to feel the heat that Microsoft has been feeling…

    • Zach

      UNIX is just a more secure operating system than Windows. Can it be exploited? Sure, but there has to be much more ignorance on the user’s end.

      • Hugh Janus

        If youre comparing Kernals, NT is just as good as any other OS kernal out there.

        If youre talking about the layers on top of the kernal, then that’s a different story.

        You have a right to your opinion, but please at least know what youre talking abou.

      • http://www.m.com M

        Oh, there is pleeeeeeeeeeeeenty of ignorance on the user’s end, don’t worry, there’s enough for everyone! ;)

        Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

      • sirpaul

        Yes…ignorance like using autofill right? You have to be really ignorant to use a feature offered in your favourite web browser….no? Guess it doesn’t take much to exploit your MAC this time now does it :)

  • Johnny Ives

    They’re browsing wrong. Stay tuned.

  • http://www.mynucleus.org greener pastures

    I have always believed that there are greener pastures for hackers on the OS X . With all of Apple’s new devices and growing market Share, the company might be making too much noise for the wolves (hackers) to notice.

    http://tech.mynucleus.org

  • iStruckout

    Most Apple people I talk to tell me how much safer a MAC is, and how they don’t get viruses, and how they bought one to get rid of the infected Windows machine they have

    It’s 2010, and if you don’t know how to operate a computer well enough to protect yourself from basic viruses and email “You WON” spam, then you probably shouldn’t be on the internet, and perhaps shouldn’t own a computer.

    Bumper Sticker Slogans are destroying this country.

    Death Panels anyone ?

  • Sonar_Chris

    The one time a software fix will take care of the problem and Steve Jobs hasn’t called a press conference. What a waste. lol

  • http://worldinclick.co.cc azeem

    this is awesom post …

  • Neo

    Just put a bumper on it.

  • http://jiggy1.com jiggy

    when did microsoft start creating apple products?

  • IH

    This bug actually isn’t exclusive to Safari. It is also in Chrome, Firefox and certain versions of IE.

    http://arstechnica.com/security/news/2010/07/vendor-inaction-leads-researcher-to-disclose-safari-ie-flaw.ars

    Maybe people should research something before outright lashing out. I swear the comments on sites are turning from constructive conversation to kids talking smack on a high school playground.

  • http://microtrendsecurity.com Micro Trend Security

    Oh I know what credit you mean. My paycheck. Sure. I’ll just throw my money at apple while they continue to make products that are faulty. Stop being such a moron.

  • iPwnNubs4Fun

    @Dan,

    absolutely f’ing lmfao! best comment yet!

    Posted from BGR Mobile (iPhone).

  • http://canadiantechblogger.com Brad

    Hopefully Apple fixes it soon :) .

1 2
blog comments powered by Disqus