Skip to main content

Homeland Security Warns of Apple’s Safari Security Bug

Yes, Apple users, it is a sad truth, but you have security flaws too. The Danish security firm Secunia has discovered a vulnerability in the Safari web browser that it has labeled “highly critical”, the most serious security rating the firm can give. The flaw has been confirmed by the United States Computer Emergency Readiness Team, a Department of Homeland Security, and an advisory has been issued.

So far the bug is specifically targeting Windows operating systems, but Apple’s OS may also be affected. The flaw allows hackers to access key information when the user opens webmail services like Gmail, Hotmail, or Yahoo. The hacker can then log user data including passwords and even credit card information. The warning also claims that specially crafted websites can grant hackers access, as can closing specific pop ups.

The issue is specifically related to a badly coded section in Safari. Apple has met the security flaw with the same forthcoming attitude and tenacity that they meet all security flaws – in other words they have remained silent on the subject and refuse to comment. No patch has been released, and it is anyone’s guess when or if there will be one. Until there is, Secunia recommends that you “Do not visit untrusted web sites or follow links from untrusted sources. Do not authenticate to sites that use HTTP basic authentication and use redirections to different domains.”

The Safari browser has been plagued with security issues since its release, and Apple has faced criticism for releasing patches without announcing the security flaw that the patch is for. In March, Apple released 16 patches for Safari, including 10 that specifically affected Mac OS X.

Editors' Recommendations

Topics
Ryan Fleming
Former Digital Trends Contributor
Ryan Fleming is the Gaming and Cinema Editor for Digital Trends. He joined the DT staff in 2009 after spending time covering…
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
Google just made this vital Gmail security tool completely free
The top corner of Gmail on a laptop screen.

Hackers are constantly trying to break into large websites to steal user databases, and it’s not entirely unlikely that your own login details have been leaked at some point in the past. In cases like that, upgrading your password is vital, but how can you do that if you don’t even know your data has been hacked?

Well, Google thinks it has the answer because it has just announced that it will roll out dark web monitoring reports to every Gmail user in the U.S. This handy feature was previously limited to paid Google One subscribers, but the company revealed at its Google I/O event that it will now be available to everyone, free of charge.

Read more
Microsoft Edge is losing to Safari, despite its push for AI
MacBook Air with Safari open and showing colored Compact Tabs.

Many desktop browsers continue to compete for users, and in April 2023, Apple Safari overtook Microsoft Edge in global market share, according to data collected by StatCounter.

Though the browsers' market share was still neck-and-neck, Safari's April figures come in at 11.89%, while Edge closed the month at 10.95%. Even so, both browsers continue to lag behind Google Chrome, which maintains its number one spot with in excess of 60%, as pointed out by MSpoweruser.

Read more