Social Threat | Who said social meant secure? » Safari http://socialthreat.com Who said social meant secure? Sat, 18 Jun 2011 03:07:30 +0000 http://wordpress.org/?v=abc en hourly 1 Safari User? Turn Off Autofill. NOW. http://socialthreat.com/2010/07/25/turn-off-autofill-now/ http://socialthreat.com/2010/07/25/turn-off-autofill-now/#comments Sun, 25 Jul 2010 22:05:52 +0000 Davezilla http://socialthreat.com/?p=583

According to the brilliant Jeremiah Grossman, a severe vulnerability exists in Safari 4x and 5x allowing a malicious Web site to invade via the Autofill feature. More frightening, this vulnerability exists even if you haven’t filled out anything on the page.

Safari Autofill

TIP: Safari users are recommended to turn off Autofill immediately until Apple posts a patch or update to Safari. To turn off Autofill:

  1. Safari Menu > Preferences > Autofill
  2. Uncheck all Autofill options
  3. Close Preferences

UPDATE: Looks like a variant idea was posted by Patrice Neff back in 2009. Still hasn’t been fixed! Also, Jeremiah suspects this may be a Webkit issue, which means Chrome, Konqueror and a few other browsers such as OmniWeb, iCab and possibly even the Android mobile browser will be affected.

No related posts.

]]> http://socialthreat.com/2010/07/25/turn-off-autofill-now/feed/ 2