Skip to main content

Some Browsers Are Providing Autofill Information To Websites Through Vulnerability

By February 4, 2017May 25th, 2021Cybersecurity

It seems like every week that passes, we become aware of some new threat to security online. In fact, it’s gotten so bad that a slowly increasing number of Americans are simply swearing off the internet, according to a recent survey by security researchers.

This latest threat takes the form of something long thought to be innocuous – a web browser’s autofill feature. Turns out, it’s not so innocuous after all, and even worse, all the major web browsers are vulnerable.

New research reveals that a browser’s auto-fill feature works even on hidden fields. It can allow a hacker to set up a dummy page and create a series of capture boxes which the browser will dutifully fill with your personal data without any action by you. Since the boxes are invisible, there won’t be any outward sign that your data has just been pilfered.

The companies that make the major browsers have been made aware of the issue and are working toward a solution, so you can expect to see a patch for whatever browser you use on a regular basis. Be aware of two things in the meantime.

First, be sure you’ve got your browser set to auto-update, so you don’t have to do anything when the latest patch becomes available. Second, until the patch is ready, you may want to disable autofill.

Yes, it means a few extra steps when you’re buying something online and/or entering your passwords to sites you use on a regular basis, but that is a small price to pay to keep your personal data private.

Unfortunately, we can expect that this will not be the last major security flaw revealed this year. If anything, the pace of discovery is increasing with legions of hackers revealing security flaws faster than software companies can close the breaches they discover.
Expect 2017 to be a bumpy ride where digital security is concerned.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.