Google’s security team Project Zero have found multiple security flaws in Apple’s Safari web browser that allowed the tracking of users’ browsing behavior, Financial Times reported on Wednesday, citing a paper.
The vulnerabilities let Safari users have their web browsing tracked, despite Apple creating Intelligent Tracking Prevention to stop that sort of tracking. Because the list that ITP uses stores information about the websites visited by the users, an attacker could create a “persistent fingerprint” that would enable them to follow a user around the web or see their search terms, according to the report.
Google informed Apple of the vulnerabilities back in August 2019, and Apple fixed them back in December.
Project Zero is following its new 90-day disclosure policy to give companies time to patch the security flaws it finds.
Apple and Google did not respond to a request for a comment.