An app developer recently discovered a vulnerability that gives apps containing malware the opportunity to steal browsing history from Safari. The bug is known to affect all versions of macOS Mojave. In Mojave there are specific folders that cannot be accessed by default, such as ~/Library/Safari, but a few apps have access to the contents in this folder, such as Finder for example. The developer figured out how to bypass the Mojave restrictions and gain access to ~/Library/Safari because there are no permission dialogs. The bug is believed to come from a developer API and Apple now knows about it and says they will be investigating it.
Analyst Notes
At this time, there is no known way to mitigate this issue, however users should be slightly relieved to know that the vulnerability is only exploitable by a malicious app running on the system and cannot be done remotely.
