An anonymous reader quotes a report from Wired: Apple has a well-earned reputation for security, but in recent years its Safari browser has had its share of missteps. This week, a security researcher publicly shared new findings about vulnerabilities that would have allowed an attacker to exploit three Safari bugs in succession and take over a target’s webcam and microphone on iOS and macOS devices. Apple patched the vulnerabilities in January and March updates. But before the fixes, all a victim would have needed to do is click one malicious link and an attacker would have been able to spy on them remotely.
The bugs Pickren found all stem from seemingly minor oversights. For example, he discovered that Safari’s list of the permissions a user has granted to websites treated all sorts of URL variations as being part of the same site, like https://www.example.com, http://example.com and fake://example.com. By “wiggling around,” as Pickren puts it, he was able to generate specially crafted URLs that could work with scripts embedded in a malicious site to launch the bait-and-switch that would trick Safari. A hacker who tricked a victim into clicking their malicious link would be able to quietly launch the target’s webcam and microphone to capture video, take photos, or record audio. And the attack would work on iPhones, iPads, and Macs alike. None of the flaws are in Apple’s microphone and webcam protections themselves, or even in Safari’s defenses that keep malicious sites from accessing the sensors. Instead, the attack surmounts all of these barriers just by generating a convincing disguise.
of this story at Slashdot.
Source:: Slashdot