A digital security investigator has uncovered a major security flaw in Apple's Safari browser that gives away your personal information (like name, address, phone number, email address, country, etc.) via your Safari's AutoFill settings. This flaw affects Safari v.4 and the new feature-filled v.5.
When you fill in your information on a website — say, you register for a product or newsletter and enter your name, email address, etc. — you can choose to have your details saved to Safari to autofill any information boxes later. It's this feature that allows malicious websites to gain access to your information, without you even clicking on anything or entering any info whatsoever, by extracting your Address Card data, and sending the details to the attacker. The whole process takes only seconds.
Find out how to protect yourself after the break.
What to Do Now
Turn off your AutoFill settings ASAP. Head to Safari > System Prefrences > AutoFill, and uncheck all the boxes. Don't bother checking them again until a security update has been issued by Apple! We'll keep you updated on when that happens.