Safari Vulnerability Discovered In iOS 5.1

Safari URL Vulnerability

If you are running Safari on iOS 5.1, using an iPad, iPhone, or iPod Touch, than you should be cautious of a security issue that involves address bar spoofing. This security issue was discovered by David Vieira-Kurz of MajorSecurity, and involves “an error within the handling of URLs when using javascript’s window open() method.”

This can be exploited by malicious websites to display custom URLs, potentially fooling users into supplying personal information to a malicious website. This is because the Safari address bar can display a totally different address than the website that is actually being displayed.

MajorSecurity has notified Apple of the issue and it is at the point where it is likely just a matter of time before a patch is available to fix the problem. Apple is working to fix this issue. However, it is probably a good idea to avoid opening untrusted links. Please do not give out your personal information to any website that asks for it through Safari on your iOS device.

Source: Modmyi

Leave a Reply

Your email address will not be published.