Kapersky discovers security flaw in Safari

Posted by: Jennifer Cefai (2 years, 10 months ago)

PC security experts Kapersky have seemingly discovered a flaw in Apple's Safari brwoser that keeps user IDs and passwords stored in plain text. Before you start panicking, this bug only affects OSX10.9.5 running Safari 6.0.5 (8536.30.1) and OSX10.7.5 with Safari 6.0.5 (7536.30.1).The flaw is quite a significant one in any case, and stems from the "Reopen All Windows From Last Session" feature. The document Safari creates to restore old pages is in plaintext and contains user IDs and passwords. While the file is hidden, it's not that difficult to find if you know what you're looking for. "You can just imagine what would happen if cybercriminals or a malicious program got access to the LastSession.plist file on a system where the user logs into Facebook, Twitter, LinkedIn or their online bank account." wrote Kaprersky in a blogpost.

← New Zealand Restaurant Will Serve up Burgers via Pneumatic Tubes Google Launches Tips to Guide You through Its Services →

Process Library is the unique and indispensable process listing database since 2004 Now counting 140,000 processes and 55,000 DLLs. Join and subscribe now!

System Tools

PC Mechanic