Safari 5.0.1 Update Brings Security Fix

Published July 28, 2010 | By Spencer Scott

Apple released an update to Safari today addressing a security vulnerability with Safari’s AutoFill feature which could have given access to private information.

http://support.apple.com/kb/HT4276

“Description: Safari’s AutoFill feature can automatically fill out web forms using designated information in your Mac OS X Address Book, Outlook, or Windows Address Book.  By design, user action is required for AutoFill to operate within a web form. An implementation issue exists that allows a maliciously crafted website to trigger AutoFill without user interaction. This can result in the disclosure of information contained within the user’s Address Book Card. To trigger the issue, the following two situations are required. First, in Safari Preferences, under AutoFill, the "Autofill web forms using info from my Address Book card" checkbox must be selected. Second, the user’s Address Book must have a Card designated as "My Card". Only the information in that specific card is accessed via AutoFill. This issue is addressed by prohibiting AutoFill from using information without user action. Devices running iOS are not affected. Credit to Jeremiah Grossman of WhiteHat Security for reporting this issue.”

Other security issues are also addressed in this update.

safari-165

Acronis Internet Security Suite 2010

Related posts:

  1. Skype Update Brings Multitasking in iOS4
  2. Mac OS X 10.6.3 Released by Apple
  3. iTunes 9.2.1 Update Released
  4. Mac OS X 10.6.4 Update Released
  5. Foxit PDF Creator 3.0 Maintenance Update
Posted in Apple, Updates | Tagged

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Newegg
App Store
Deals for Games
Divine Elemente

Copyright © 2012. All Rights Reserved.