Appleโs iOS and macOS are always considered to have better security than Android and Windows, but not all the time. A security researcher found a zero-day vulnerability in the Safari browser, which has seven different flaws that may allow any remote hacker to access usersโ microphone, camera, location and even saved passwords. And being a Zero-day, there were no exploitations yet and Apple rewarded the finder a bounty of $75,000.
Rayn Pickren, a security researcher has surfaced seven different flaws from Appleโs Safari browser that may allow any hacker to the bluff user and the browser to spy on you. As we all knew, any app for functioning needs certain permissions like access to the microphone, camera, gallery, storage, etc. These were allowed by the user manually and could deny anytime he wants. But, few flaws in the Safari browser let this consent go out of hand.
Safari being insecure
An error in Safariโs hostname parsing blurs the differentiation between authentic and malicious websites. This allows hackers to craft a fraudulent website that resembles legitimate sites and have their permissions reflected to them. For example, a user letting camera and microphone permission to Skype is normal, which was stored by Safari as the user allowed so. And the next time when he visits Skype, Safari would directly let the user go onto video by default.
And when a hacker crafts a malicious site resembling Skype, this could fool Safari. He may add meaningless hostnames like file: javascript: or data: to fool Safari as a legitimate site. Simply, Safari has failed to check the websiteโs origin policy, which should be coming from the same. Further, this would let the hacker gain plaintext passwords too! But, thereโs a limitation. This trick works only when the websites are currently opened.
Patch is available
These flaws were informed to Apple by Ryan a while back, and Apple has released patches for them in subsequent updates. These were pushed in Safari version 13.0.5 (28th January 2020) and version 13.1 (24th March 2020), where users are recommended to update immediately to avoid being exploited.
Source: Ryan Pickren