The Latest in IT Security

Apple Plugs Gaping Holes in Safari Browser

17
Dec
2013

One month after a group of Chinese researchers exploited a critical WebKit bug to break into — and hijack private data — from a fully patched iPhone, Apple has shipped a Safari update to fix the vulnerability.

The patch, available for Safari 6.1.1 and Safari 7.0.1, fixes a total of nine security vulnerabilities, the most serious of which allows malicious hackers to launch drive-by downloads using rigged Web sites.

The new Safari update comes just over a month after Keen Team, a group of Chinese researchers, demonstrated two iPhone exploits via Safari to capture Facebook credentials (iOS version 7.0.3) and hijack photographs (iOS aversion 6.1.4).

Keen Team’s exploits were delivered as part of the Mobile Pwn2Own hacking challenge at the PacSecWest security conference in Japan.

Here’s the explanation from HP, one of the Pwn2Own sponsors:

The first was an application exploit. Via Safari, the team were able to steal a Facebook cookie that was then exfiltrated and used to compromise the targeted Facebook account from another machine. In order for the exploit to work, a user would need to click on a link in an email, an SMS, or a web page, so some social engineering would be required to prompt a user to take an action before their credentials could be compromised.

According to documentation from Apple, the security holes resided in WebKit. The company confirmed that visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

The Safari update also includes a patch for a bug that disclosed user credentials to an unexpected site via autofill.

“Safari may have autofilled user names and passwords into a subframe from a different domain than the main frame. Thisissue was addressed through improved origin tracking,” Apple explained.

Related: Hackers Demo Two iPhone Exploits via Safari at Mobile Pwn2Own

Tweet

Ryan is the host of the podcast series “Security Conversations – a podcast with Ryan Naraine”. He is the head of Kaspersky Lab’s Global Research & Analysis team in the USA and has extensive experience in computer security user education, specializing in operating system and third-party application vulnerabilities, zero-day attacks, social engineering and social networking threats. Prior to joining Kaspersky Lab, he monitored security and hacker attack trends for over 10 years, writing for eWEEK magazine and the ZDNet Zero Day blog. Follow Ryan on Twitter @ryanaraine.Previous Columns by Ryan Naraine:Apple Plugs Gaping Holes in Safari BrowserMassive Android Mobile Botnet Hijacking SMS DataArbor Networks: Beware of Bitcoin Alarm Utility Database Cloud Services a Malware Risk to Enterprises: ImpervaBug Bounty Flaws Remain Unpatched for 151 Days: Study

sponsored links

Tags: Mobile Security

Phishing

Virus Malware

Malware

Vulnerabilities

Comments are closed.

Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments