Apple to patch decades-old ‘0.0.0.0 Day’ vulnerability in upcoming Safari update
Apple, along with Google, will be addressing a browser security vulnerability that’s been around for nearly 20 years, according to a report by Forbes (paid subscription required). The breach is being presented by cybersecurity firm Oglio at Def Con later this week and involves an IP address with a special purpose.
Devices connected to the internet use IP addresses for device and location identification, and the IP address 0.0.0.0 is used for special circumstances (it’s usually used as a stand-in address until the actual address is available). Oglio researcher found that hackers have been exploiting the way Safari, Chrome, and Firefox handle queries to a 0.0.0.0 IP address. According to Forbes, the browsers send the queries “to other IP addresses, including ‘localhost,’ a server on a network or computer that is typically private and is often used to test in-development code.” A hacker can send a request to the address to get private data.
Forbes confirmed with Apple that Safari in macOS Sequoia will block any website attempting to contact the 0.0.0.0 IP address. Google has a blog post that describes its plans to do a similar thing with Chrome. Mozilla told Forbes that it does not have plans to block 0.0.0.0 queries in Mozilla, but the company is researching the issue.
Since the fix is based on Safari and not OS based, it will be included in Safari 18 when it becomes available for older versions of macOS, such as Sonoma and Ventura.
How to protect yourself from hacker attacks
Apple has protections in place within macOS and the company releases security patches through OS updates, so it’s important to install them when they are available. If Apple pulls back an update, the company will reissue it as soon as it is properly revised with corrections.
Macworld has several guides to help, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and trojans, and a comparison of Mac security software.