Security glitch identified in Apple Safari

Allows hackers to secretly access personal information and files on a user’s hard drive

  • E-Mail
By  Vineetha Menon Published  January 14, 2009

A serious flaw that allows hackers to steal information through the Apple Safari browser has just been identified.

The vulnerability, acknowledged by Apple, was brought to light by open source expert Brian Mastenbrook, who has found other flaws with Apple’s software in the past.

“….Apple's Safari browser is vulnerable to an attack that allows a malicious web site to read files on a user's hard drive without user intervention. This can be used to gain access to sensitive information stored on the user's computer, such as emails, passwords, or cookies that could be used to gain access to the user's accounts on some web sites,” Mastenbrook writes in his blog post.

Changing the default RSS feed reader application in Safari was thought to solve the problem, but it’s since been revealed that Mac OS X 10.5 Leopard users remain affected.

Earlier versions of Mac OS X are not at risk but PC users of Safari are advised to use a different browser till the issue is fixed.

While Apple has so far not publicly addressed the vulnerability, Mastenbrook has published a list of remedial steps for users in his blog .

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code