Jul 232010
 
 July 23, 2010  Online

Seth Rosenblatt reports:

The autofill option in Apple’s Safari browser can expose personal data without the user’s consent, a security researcher reported on Wednesday. It remains unclear as to whether the problem affects Safari specifically or all WebKit-based browsers, which include Google Chrome. It’s recommended that Safari and Chrome users disable the autofill feature immediately, until further notice.

Jeremiah Grossman, the chief technical officer of WhiteHat Security, documented the exploit in a blog post on Wednesday, saying that it affects both the current version of Safari, version 5, and the legacy version, Safari 4. He said that the exploit is severe enough that a malicious Web site can access autofill information from Safari without the user entering in any personal information on the site, or even if the user had never visited the site previously.

Read more on cnet.

Sorry, the comment form is closed at this time.