We are reader supported. External links may earn us a commission.

macOS

Remember that nasty Safari bug? Apple fixed it!

By Roland Udvarlaki January 27, 2022, 9:45 am
safari apple Source: Pocketnow

Apple released the latest iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 updates to the public, including various bug fixes and performance improvements to Apple devices. We have reported on the changes earlier today if you missed it. The new updates focus on one critical security flaw, which affected Apple’s own software, Safari.

The Safari bug was discovered and widely reported in the middle of January, and it was a rather serious bug in the Apple ecosystem. The bug allowed the Safari web browser to leak a user’s browsing history and activity, leaking personal and private information. The bug also shared some information from a linked Google account, if the user was signed in.

POCKETNOW VIDEO OF THE DAY

The software bug allowed websites to track users with their signed-in Google accounts. The bug allowed IndexedDB (an API that stores data in the browser) to provide access to websites, and share personal information of a user’s activity, Google account information, and more. The IndexedDB database is never shared publicly, and it doesn’t publish personal information, but a vulnerability was able to target a flaw in the system and gather information.

It’s also important to note that the bug doesn’t require the user to enter any personal information, or trigger any action, it works by default. If you rely on Safari on your iPhone, iPad, or Mac devices, it’s recommended that you update right away to prevent any malicious activity and to protect your private information. The bug affected all devices running Safari 15 on iOS 15, macOS Monterey, and iPadOS devices, since all of those are using Apple’s open-source WebKit engine (and third-party browsers such as Google Chrome, Microsoft Edge are also required to use that engine on iPhone and iPad).

"a tab or window that runs in the background and continually queries the IndexedDB API for available databases can learn what other websites a user visits in real-time. Alternatively, websites can open any website in an iframe or popup window in order to trigger an IndexedDB-based leak for that specific site."

iPhone 13 in Black

Apple iPhone 13

The iPhone 13 is the default smartphone from Apple for 2021. If you're looking for an experience that remains fast and fluid over years to come and not lacking on any hardware front, this is the device to get.

Search

Latest Articles

iOS

Here's how the Apple iPod changed the world in 21 years

iPod was an industry-changing device at its time, and it had a massive impact on modern smartphones, and the way we listen to music. We take a last look at the now-discontinued Apple iPod and the history it leaves behind.

By Roland Udvarlaki May 11, 2022, 10:00 am
iOS

How to use Mic Modes in VOIP and FaceTime Calls

This guide will go over the steps you need to follow to activate one of the available Mic Mode settings on Apple Devices to begin using the feature and improve your calling experience.

By Aryan Suren May 10, 2022, 10:00 am
Phones

This iPhone 14 feature might urge users to upgrade

Until now, it appeared that iPhone 14 would only be a minor upgrade over the iPhone 13 series. However, a new leak suggests that the iPhone 14 will come with one feature that might urge users to upgrade.

By Sanuj Bhatia May 9, 2022, 5:00 am