Apple to Address '0.0.0.0' Security Vulnerability in Safari 18Apple plans to block websites from attempting to send malicious requests to the IP address 0.0.0.0 on macOS Sequoia, according
to Forbes. The means the change will be part of Safari 18, which will also be available for macOS Sonoma and macOS Ventura.
This decision comes after researchers from Israeli cybersecurity startup Oligo Security said they discovered a zero-day security vulnerability that allows a malicious actor to access private data on a user's internal private network. The researchers will present their findings this weekend at the DEF CON hacking conference in Las Vegas.
"Exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors," said Avi Lumelsky, a researcher at Oligo Security.
The researchers responsibly disclosed the vulnerability to Apple, Google, and Mozilla. More details are available
on the AppSec Village website.
macOS Sequoia and Safari 18 are currently in beta and will be widely released later this year.<div class="linkback">Related Roundup:
macOS Sequoia</div><div class="linkback">Tag:
Safari</div><div class="linkback">Related Forum:
macOS Sequoia</div>
This article, "
Apple to Address '0.0.0.0' Security Vulnerability in Safari 18" first appeared on
MacRumors.comDiscuss this article in our forums
Source:
Apple to Address '0.0.0.0' Security Vulnerability in Safari 18
