macOS12.2/iOS15.3 將修正IndexedDB漏洞 - iOS
By Michael
at 2022-01-21T08:38
at 2022-01-21T08:38
Table of Contents
【情報來源】
原網址:https://9to5mac.com/2022/01/20/ios-15-3-rc-fixes-safari-bug-that-gives-
websites-access-to-browsing-history-and-google-id-data/
(原始未刪減的網址,未提供者水桶60日)
短網址:https://reurl.cc/yQMA5D
(若原網址過長時請儘可能提供短網址,反之免提供)
【情報內容】(國外新聞/情報請附上簡單翻譯)
macOS Monterey 12.2 RC / iOS 15.3 RC 修正 Safari IndexedDB 漏洞
原本會讓網站可透過 javascript IndexedDB API 存取瀏覽器內建資料庫
但問題出在該網站也有權限看到使用者在其他網站的資料庫名稱
而導致 瀏覽記錄 或者 Google 帳號資料有洩漏的風險
FingerprintJS 弄了一個展示網站 https://safarileaks.com/
https://i.imgur.com/KgotAZO.jpg
表示在漏洞影響下 使用者有可能洩漏的資訊
根據 9to5mac 的測試 macOS 12.2 RC / iOS 15.3 RC 已修正此問題
受影響的裝置包含所有 Safari 15 以後而且未更新至最新 RC 的系統
Safari 14 以前的裝置沒有此 bug
【介紹及心得】
感覺有點嚴重的 bug..
--
Tags:
iOS
All Comments
By James
at 2022-01-22T12:23
at 2022-01-22T12:23
By Mason
at 2022-01-23T16:07
at 2022-01-23T16:07
By Jake
at 2022-01-24T19:51
at 2022-01-24T19:51
By Jack
at 2022-01-25T23:35
at 2022-01-25T23:35
By Mason
at 2022-01-27T03:19
at 2022-01-27T03:19
By Irma
at 2022-01-28T07:04
at 2022-01-28T07:04
By Wallis
at 2022-01-27T14:14
at 2022-01-27T14:14
By Quanna
at 2022-01-28T17:58
at 2022-01-28T17:58
By Lucy
at 2022-01-27T14:14
at 2022-01-27T14:14
By Thomas
at 2022-01-28T17:58
at 2022-01-28T17:58
By Lily
at 2022-01-27T14:14
at 2022-01-27T14:14
By Rae
at 2022-01-28T17:58
at 2022-01-28T17:58
By Ingrid
at 2022-01-27T14:14
at 2022-01-27T14:14
Related Posts
ios 15.3 & watchos8.3 RC版發佈
By Elvira
at 2022-01-21T08:33
at 2022-01-21T08:33
路由器推薦 2homepod + 2 mini 用
By Lily
at 2022-01-20T23:47
at 2022-01-20T23:47
8plus換禮品卡
By Kama
at 2022-01-20T22:29
at 2022-01-20T22:29
照片編號未依拍攝時間排序
By Barb Cronin
at 2022-01-20T18:05
at 2022-01-20T18:05
請推薦不會延遲的螢幕轉接hdmi線
By Aaliyah
at 2022-01-20T12:53
at 2022-01-20T12:53