TweakTown
Tech content trusted by users in North America and around the world
5,676 Reviews & Articles | 36,072 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

iOS 5 contains Safari bug, opens users to malicious sites

MajorSecurity discovers a bug in iOS5 and 5.1 that allows users to be lured to a malicious site.

| Hacking & Security News | Posted: Mar 23, 2012 4:31 pm

This is a cautionary story for all of those iOS 5 users out there, including the new iPad 3 users. Germany security firm MajorSecurity discovered a bug earlier this month that can be used to trick you into visiting potentially malicious Web sites. The bug was first discovered in iOS 5 and was replicated in iOS 5.1. Apple was informed of the bug by MajorSecurity on March 3, but has not yet issued a patch.

 

[img]2[/img]

 

"The weakness is caused due to an error within the handling of URLs when using javascript's window.open() method," explained David Vieira-Kurz of MajorSecurity. "This can be exploited to potentially trick users into supplying sensitive information to a malicious Web site, because information displayed in the address bar can be constructed in a certain way, which may lead users to believe that they're visiting another web site than the displayed web site."

 

Apple has acknowledged the bug, so they should be able to produce a patch, and I would encourage you to upgrade when it becomes available. Until then, watch the sites you go to, as it may not be where the URL bar is telling you you are at. If you would like to see for yourself, go here on your mobile device, select Demo in the upper left corner. This will open a new page that says Apple and looks like Apple but is still on MajorSecurity's server.

NEWS SOURCE
Majorsecurity.net

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below