Browser Safari serious vulnerability leaks user privacy, Apple responds slowly and gets bombarded

Apple, which has always advertised that it attaches great importance to user privacy, has recently been exposed to serious vulnerabilities in the browser Safari, users’ browsing records and Google account data are leaked at any time, and the most affected Safari users include iPhone, iPad and Mac Safari users. Received a notification in June, but no corrections have been made so far.

The website FingerpintJS released their statement a few days ago, saying that a JavaScript API called IndexedDB in WebKit has an error, the website can read the recent browsing history of Safari users, and even know the user’s identity through the logged-in Google account. FingerpintJS especially reminds iPhone and iPad users that as long as the browser uses the WebKit core, there is a chance to be affected by this vulnerability, even if the browsers developed by third parties such as Chrome are used.

It is worth noting that this vulnerability only affects Safari 15 versions of the latest versions of iOS, iPadOS and macOS, and WebKit of the old version of Safari 14 is not affected. FingerpintJS said that after discovering the vulnerability last year, it notified Apple at the end of November, but the vulnerability has not been fixed yet. Users of the above-mentioned Apple devices can go to to test, and they will see the logged-in Google account and pictures, etc. personal information.

Source: ubergizmo


Source link

Leave a Comment