Apple ‘Hide My Email’ Vulnerability Exposes Users’ Real Email Addresses

 

Apple ‘Hide My Email’ Vulnerability Exposes Users’ Real Email Addresses

Researcher tyler marfi aur 404 media ke independent test ke feature Apple ka “Hide My Email” feature abhi ek unpatched vulnerability se prabhavit hai, jo attackers ko ek anonymized alias ke peeche asli email address ka pata lagane ki ijazat deta hai.

Apple ka Hide My Email, jo iCloud+ ka hissa hai, user ke primary inbox ko sign-up aur app registration ke dauran private rakhne ke liye unic relay address banata hai.

Apple ‘Hide My Email’ Vulnerability

404 media ki report hai ki is samasya ko uske apne ek chhipe hue address par validate kiya gaya tha aur yeara tak iska fayda uthaya ja sakta tha, jabki Apple ko iski report kiye jaane ke ek saal se zyada samay ho gaya tha.

EasyOptOuts ne is kami ka pata lagaya aur standard zimmedaar discloser practice ke anusar, Apple ko ek saal se zyada samay pehle ise dobara banane ke detailed nirdesh diye the. iske bavjud, Apple ne koi fix nahin lagaya hai ya prabhavit users ko iske nuksan kam karne ke tarike nahin bataye han, jisse yah kami production service mein active hai.

bug ka abhi bhi fayda uthaya ja sakta hai, isliye 404 media aur marfi ne partial discloser ka option chuna hai: janta ko chetavani dete hue, chhote-mote galat istemaal ko rokne ke liye exploitation ke sahi steps ko rok diya hai.

Post a Comment

Previous Post Next Post