Apple works to fix Safari bug that puts Google Accounts at risk

Apple says it is working to fix a Safari bug that puts the security of Google IDs at risk.

safari bug

As reported a few days ago, this bug is related to Safari’s IndexedDB implementation on Mac and iOS and makes it possible to see database names for any Google domain, not just your own. Database names can then be used to extract credentials from a lookup table. An attacker could steal your Google user ID and use that ID to discover other personal information. Additionally, the exploit also allows extracting a user’s browsing history without their consent.

Apple is working on fixing this WebKit-related bug, with an update for macOS and iOS that may be released soon.

Leave a Comment