(Update January 27, 2022, 10:00AM IST): Apple has released stable versions ofiOS 15.3andmacOS Monetery 12.2, so you should update your systems now. On iPhones, go to Settings > General > Software Update to do it; on Macs go to Apple Menu > About this Mac > Software Update to install the new version.
(Update January 21, 2022, 10:15PM IST): Apple has releasedan iOS 15 RC 3 updateto fix the WebKit bug leaking your browsing history. This update will be rolled out to users soon after beta testing by developers.
If you use anAppledevice, chances are that Safari is your default browser. If that’s the case, you’ll want to avoid using Safari for a bit because a bug in the app could leak your entire browsing history.
Last week,the team behind FingerprintJS, a browser fingerprinting library, wrotea blog postabout a vulnerability in Safari 15 that gives away your browser history. By exploiting this bug, an attacker can learn about what websites you’re visiting, and even see your Google ID for services like YouTube, Google Calendar, and Google Keep. You can read more about ithere.
Calling all Scaleup founders! Join the Soonicorn Summit on November 28 in Amsterdam.
Meet with the leaders of Picnic, Miro, Carbon Equity and more during this exclusive event dedicated to Scaleup Founders!
You can also look at the video below to understand how this bug works.
How bad is it?
As the bug is in WebKit, Apple’s browser rendering engine, it affectsSafari 15 on macOS, and all browsers on iOS 15 and iPadOS 15. So it’s a pretty helpless situation for iOS device users. But if you’re using a Mac, you can switch to Chrome, Edge, or any other browser for now.
A fix is on the way
WebKit’s GitHub repositorysuggests that Apple engineers have already worked on some potential fixes. But that doesn’t mean you’re safe automatically. Apple has to update the Safari browser with a fix, and it’s not that straightforward.
As the company has baked Safari into its operating system, it’s not simply the matter of issuing an app update. As Joe Rossignol, a reporter at MacRumors tweeted, the firm has to issue an emergency operating system update for macOS, iOS, and iPadOS.
Safari updates are still coupled to the operating system, so Apple will need to release macOS Monterey, iOS 15, and iPadOS 15 updates with a security fix.
Apple does offer standalone Safari updates for older macOS versions, so also expect a Safari update for Big Sur + Catalina.
— Joe Rossignol (@rsgnl)January 19, 2022
If you’re using older Mac versions like Big Sur or Catalina, you’ll be able to get a standalone update. We’ll keep an eye out for Apple’s bug-fixing release, and update this story.
Story byIvan Mehta
Ivan covers Big Tech, India, policy, AI, security, platforms, and apps for TNW. That’s one heck of a mixed bag. He likes to say “Bleh.“Ivan covers Big Tech, India, policy, AI, security, platforms, and apps for TNW. That’s one heck of a mixed bag. He likes to say “Bleh.”
Get the TNW newsletter
Get the most important tech news in your inbox each week.
