Search Disaster Preparedness Blog

Entries in apple issue (1)

Monday
Sep272010

Autofill Bug In Safari Exposes Personal Information

Apple has left an autofill bug in Safari unpatched that could potentially expose personal information you would never intend for anyone else to see.

Apples Autofill feature allows you to quickly fill out forms that you have previously entered, including credit card information and social security numbers.

A security expert has figured out a way of getting that information by tricking you to hit two keys: the "U" key and the "tab" keys. In theory you could place a hidden form behind a game on a web page that utilizes these keys and tricks you into filling out the form, and stealing your information.

Jeremiah Grossman discovered the bug and you can see a video of the flaw being demonstrated on his site under his entry: The Safari AutoFill Hack Lives!