Major Vulnerability Found in Safari AutoFill
Posted 07/22/2010 at 11:33am
| by Florence Ion
Here's a friendly PSA from the online community--disable your Safari AutoFill as soon as you possibly can! When Safari users visit a malicious website, it is able to uncover all of their information through AutoFill using data from the user's personal record in the operating system's address book.
All the website has to do is extract the Address Book card data from Safari and fill it in where possible. There's no current word from Apple on the vulnerability, but the user who uncovered the issue filed a private report to Apple on June 17th.
