Apple to Address ‘0.0.0.0’ Security Vulnerability in Safari 18
Apple plans to block websites from attempting to send malicious requests to the IP address 0.0.0.0 on macOS Sequoia, according to Forbes. The means the change will be part of Safari 18, which will also be available for macOS Sonoma and macOS Ventura.
This decision comes after researchers from Israeli cybersecurity startup Oligo Security said they discovered a zero-day security vulnerability that allows a malicious actor to access private data on a user’s internal private network. The researchers will present their findings this weekend at the DEF CON hacking conference in Las Vegas.
“Exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors,” said Avi Lumelsky, a researcher at Oligo Security.
The researchers responsibly disclosed the vulnerability to Apple, Google, and Mozilla. More details are available on the AppSec Village website.
macOS Sequoia and Safari 18 are currently in beta and will be widely released later this year.
This article, “Apple to Address ‘0.0.0.0’ Security Vulnerability in Safari 18” first appeared on MacRumors.com
Discuss this article in our forums