Pages: [1]   Go Down
  Print  
Author Topic: macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity  (Read 203 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: January 23, 2022, 04:05:07 pm »

macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity

The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities.





" width="1600" height="900" class="aligncenter size-full wp-image-833485


As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses IndexedDB can access the names of IndexedDB databases generated by other websites during the same browsing session.





The bug permits a website to spy on other websites that the user visits while Safari is open, and because some websites use user-specific identifiers in their IndexedDB database names, personal information can be gleaned about the user and their browsing habits.





Browsers that use Apple's WebKit engine are impacted, and that includes Safari 15 for Mac and Safari for iOS 15 and iPadOS 15. Some third-party browsers like Chrome are also affected on iOS and ‌iPadOS 15‌, but the macOS Monterey 12.2, iOS 15.3, and iPadOS 15.3 updates fix the vulnerability.





FingerprintJS constructed a demo website to let users check to see whether they're impacted, and as 9to5Mac notes, after updating to the new software, the website detects no security holes.





The website is designed to tell users details about their Google accounts. On iOS 15.2.1 and ‌macOS Monterey‌ 12.1, we tested and the demo website was able to detect our Google account. After updating to the ‌macOS Monterey‌ 12.2 RC and the iOS 15.3 RC, the demo website no longer detects any data.





Apple earlier this week prepared a fix for the bug and uploaded it to the WebKit page on GitHub, so we knew that Apple was working to address the vulnerability. With the &zwnj;macOS Monterey&zwnj; 12.2 and iOS 15.3 release candidates now available, we could see these updates be made available to the public as soon as next week.<div class="linkback">Related Roundups: iOS 15, iPadOS 15, macOS Monterey</div><div class="linkback">Tag: Safari</div><div class="linkback">Related Forums: iOS 15, macOS Monterey</div>
This article, &quot;macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity&quot; first appeared on MacRumors.com

Discuss this article in our forums

<div class="feedflare">
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img>[/url] <img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img>[/url] <img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img>[/url]
</div>

Source: macOS Monterey 12.2 and iOS 15.3 Release Candidates Fix Safari Bug That Leaks Browsing Activity
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: