Jeremiah Grossman has discovered and explained a potentially significant security flaw in Safari 4 and 5. In essence, if you have the AutoFill option "Using info from my Address Book card" enabled, a malicious Web site can extract your name, company, city, state, country, and email address without your knowledge. For the moment, we recommend turning off that option in Safari's AutoFill preference pane. Apple told the New York Times (though not Grossman, who reported the bug) that they are "aware of the issue and are working on a fix."
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.