toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

iOS 5.1 Safari vulnerability allows for spoofed URLs

updated 11:25 am EDT, Thu March 22, 2012

Dutch government issues official warning

A researcher with MajorSecurity, David Vieira-Kurz, has discovered a serious security vulnerability in the iOS 5.1 version of Safari. The problem lies with the way iOS handles the JavaScript window.open() method, used to open a new browser window. A malicious coder could use this to spoof URLs, tricking people into visiting copycat websites that might contain other threats or ask for credit card information.

The flaw has been tested on the iPhone 4, iPhone 4S, iPad 2, and third-gen iPad, and the Dutch Ministry of Security and Justice has reportedly even issued a warning. It was first discovered in iOS 5, and then replicated on March 1st. Apple was alerted on the 2nd and acknowledged the issue the next day, but has yet to put out a firmware update.

Apple now has at least two problems to address with new firmware. The other is weak Wi-Fi reception, a glitch resurrected from the first-gen iPad. Two temporary solutions include toggling Wi-Fi off and on, or simply rebooting an iPad.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented