Safari's "AutoFill" vulnerability reveal your personal info

Apple's Safari browser has a major security hole that malicious sites can use to steal your personal data, including your address and phone number through the "AutoFill web forms" boxes checked, "a site can snag information from your Address Book without your knowledge." To turn that feature off, open up preferences and click AutoFill.Users should […]

Apple's Safari browser has a major security hole that malicious sites can use to steal your personal data, including your address and phone number through the "AutoFill web forms" boxes checked, "a site can snag information from your Address Book without your knowledge." To turn that feature off, open up preferences and click AutoFill.

Users should note that this works on Safari 4.x and 5.0 and uses information from the Address Book located on Mac (information that users are required to fill out when they boot their machine for the first time). Even though there's no Address Book on Windows, any personal info you put directly into Safari's AutoFill is still at risk.

[Source]