Safari User? Turn Off Autofill. NOW. | Social Threat | Who said social meant secure?

Safari User? Turn Off Autofill. NOW.

July 25th, 2010
Posted in Vulnerabilities
By Davezilla
Write comment

According to the brilliant Jeremiah Grossman, a severe vulnerability exists in Safari 4x and 5x allowing a malicious Web site to invade via the Autofill feature. More frightening, this vulnerability exists even if you haven’t filled out anything on the page.

TIP: Safari users are recommended to turn off Autofill immediately until Apple posts a patch or update to Safari. To turn off Autofill:

Safari Menu > Preferences > Autofill

Uncheck all Autofill options

Close Preferences

UPDATE: Looks like a variant idea was posted by Patrice Neff back in 2009. Still hasn’t been fixed! Also, Jeremiah suspects this may be a Webkit issue, which means Chrome, Konqueror and a few other browsers such as OmniWeb, iCab and possibly even the Android mobile browser will be affected.

No related posts.

Safari User? Turn Off Autofill. NOW.

- sarrica
- August 4th, 2010
- Log in to Reply
- QUOTE
Safari 5.0.1, released on July 28th, is supposed to fix the autofill vulnerability.
- - Davezilla
  - August 4th, 2010
  - Log in to Reply
  - QUOTE
  Thanks for the update, sarrica! Let’s hope the other browser mfgs using Webkit will follow suit.

TrackBack URL

No trackbacks yet.

You must be logged in to post a comment.

Recent Comments

Davezilla on Safari User? Turn Off Autofill. NOW.
Davezilla on My wife was robbed.
sarrica on My wife was robbed.
sarrica on Safari User? Turn Off Autofill. NOW.
Scott Vowels on My wife was robbed.

Recent Posts

Categories

Archives

Admin

Contact us for advertising solutions or consultations

Copyright © 2010 Social Threat | Who said social meant secure?
Theme designed by mono-lab
Powerd by WordPress