Hackers could abuse a bug in Apple’s Safari browser to exfiltrate or steal files from Mac and iOS users’ devices, according to a new report from a security researcher.
Pawel Wylecial, co-founder of the Polish security firm REDTEAM.PL, first discovered the bug in April and reported it to Apple. However, he decided to make his findings public after the iPhone maker chose to delay fixing the bug until spring 2021.
In his recently published blog post, Wylecial explains that the bug lies in Safari’s implementation of the Web Share API, which is a new web standard that allows text, links, files, and other content to be shared between browsers.
Apple’s browser allows users to share files that are stored locally on their iOS or macOS devices. However, this feature could be exploited by malicious websites that secretly steal files from a user’s device when they try to share an article or other content online using Safari.
Safari Web Share API
Wylecial also included a proof-of-concept video in his blog post in which he shows how the Web Share API bug can be used to steal a user’s browser history database or the /etc/passwd file from Safari.
Although Wylecial has described the bug as “not very serious” because user interaction and complex social engineering are needed to trick users into leaking local files, he also noted that it would be fairly easy for an attacker to “make the shared file invisible to the user”.
While the Web Share API bug is certainly concerning, so is the way Apple handled Wylecial’s bug report. Security researchers typically give companies a 90-day vulnerability disclosure deadline before making their findings public, but by postponing the patch until spring next year, Apple forced Wylecial to disclose the vulnerability publicly.
As for the bug itself, Wylecial said that iOS versions 13.41 and 13.6, as well as macOS Mojave 10.14.16 with Safari 13.1 and macOS Catalina 10.15.5 with Safari 13.1.1, are all affected, and there is currently no fix available for the problem.
Hopefully, by making his findings public, Wylecial can convince Apple to expedite the fixes for this bug and those disclosed by other security researchers.
Source: Techradar.com