According to a new report released by a security researcher, a bug in Apple’s web browser, Safari, makes it possible for hackers to leak files from Mac and iOS devices.
Apple will wait until 2021 for the vulnerability in Safari!
Pawel Wylecial, co-founder of the Polish security firm REDTEAM.PL, first discovered the bug in April and reported it to Apple in no time. After the tech giant stated that it would fix this error in 2021, Wylecial decided to share his details with the public.
It is stated that the vulnerability was discovered in Safari’s Web Share API, a new web standard that allows sharing of text, links, files and other content between browsers. Apple’s web browser allows users to share files stored locally on both iOS and macOS devices.
However, this feature can be exploited by malicious websites that stealthily steal files from the device when they try to share an article or other content online using Safari.
This bug discovered in the Web Sharing API is certainly alarming, but so is Apple’s way of considering Wylecial’s feedback. Security researchers often give companies a 90-day vulnerability disclosure period before disclosing bugs to the public. However, Apple postponed the problem until the spring of next year, almost telling Wylecial to share the error with everyone. What do you think about the vulnerability in Safari?