Apple’s iOS Safari browser has been the source of many vulnerabilities in the past, and a new discovery reveals a scary bug in the latest version of iOS. When browsing the web on iOS 5.1, there’s the potential that you could run into some address bar spoofing.
What does that mean exactly? Basically, a site URL could be displayed in the address bar that doesn’t actually match the webpage you’re visiting.
David Vieira-Kurz of MajorSecurity.net discovered the bug and posted a rundown:
If you’re curious, the vulnerability can be demoed by following this link on a device running iOS 5.1. Tap the demo button and a fake website will be loaded while the apple.com URL remains in the address bar.
Apple is aware of this bug, so expect an iOS patch to hit any day now. In the meantime, be careful about visiting shady links on a device running iOS 5.1. Such a vulnerability could be exploited to get you to give personal information, such as a login, to a malicious website. We’ll let you know when Apple fixes the problem.
[via The Next Web].