HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => Apple News => Topic started by: HCK on August 08, 2024, 04:05:07 pm



Title: Apple to Address '0.0.0.0' Security Vulnerability in Safari 18
Post by: HCK on August 08, 2024, 04:05:07 pm
Apple to Address '0.0.0.0' Security Vulnerability in Safari 18

Apple plans to block websites from attempting to send malicious requests to the IP address 0.0.0.0 on macOS Sequoia, according to Forbes (https://www.forbes.com/sites/thomasbrewster/2024/08/07/hackers-exploit-18-year-old-vulnerability-in-apple-google-and-mozilla-browsers/). The means the change will be part of Safari 18, which will also be available for macOS Sonoma and macOS Ventura.



(https://images.macrumors.com/article-new/2022/01/safari-icon-blue-banner.jpeg)

This decision comes after researchers from Israeli cybersecurity startup Oligo Security said they discovered a zero-day security vulnerability that allows a malicious actor to access private data on a user's internal private network. The researchers will present their findings this weekend at the DEF CON hacking conference in Las Vegas.



"Exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors," said Avi Lumelsky, a researcher at Oligo Security.



The researchers responsibly disclosed the vulnerability to Apple, Google, and Mozilla. More details are available on the AppSec Village website (https://www.appsecvillage.com/events/dc-2024/0-0-0-0-day-exploiting-localhost-apis-from-the-browser-697724).



macOS Sequoia and Safari 18 are currently in beta and will be widely released later this year.<div class="linkback">Related Roundup: macOS Sequoia (https://www.macrumors.com/roundup/macos-sequoia/)</div><div class="linkback">Tag: Safari (https://www.macrumors.com/guide/safari/)</div><div class="linkback">Related Forum: macOS Sequoia (https://forums.macrumors.com/forums/macos-sequoia.246)</div>
This article, &quot;Apple to Address '0.0.0.0' Security Vulnerability in Safari 18 (https://www.macrumors.com/2024/08/07/safari-18-to-block-0000-security-vulnerability/)&quot; first appeared on MacRumors.com (https://www.macrumors.com)

Discuss this article (https://forums.macrumors.com/threads/apple-to-address-0-0-0-0-security-vulnerability-in-safari-18.2433134/) in our forums



Source: Apple to Address '0.0.0.0' Security Vulnerability in Safari 18 (https://www.macrumors.com/2024/08/07/safari-18-to-block-0000-security-vulnerability/)