Key Highlights:
- It Fixes the bug discovered in the Apple’s Safari web browser
- Checked, Alexa’s Top 1000 most visited websites to understand how many websites use IndexedDB
- Fixes another bug tracked as CVE-2022-22587 which is a memory corruption bug in the IOMobileFrameBuffer
iPhones are generally known for their expensive prices but that’s not the only case. Apple users understand and appreciate the constant updates that they receive on their phones. Recently, Apple released iOS 15.3 and iPadOS 15.3 that can patch the spill sensitive personal data, discovered in Apple’s Safari web browser, CVE-2022-22594.
Safari 15 was under scrutiny as there was a bug that could actually leak the user’s recent browsing history along with personal identifiers such as the Google User ID. Security firm FingerprintJS, discovered the bug in Safari’s application of the IndexedDB API “lets any website track your internet activity and even reveal your identity.”
Fixes the Safari Security Vulnerability
The report states, “We checked the homepages of Alexa’s Top 1000 most visited websites to understand how many websites use IndexedDB and can be uniquely identified by the databases they interact with.” “The results show that more than 30 websites interact with indexed databases directly on their homepage, without any additional user interaction or the need to authenticate.
The good news is that 9to5Mac tested the recent updates and found that the bug was fixed in the Safari security vulnerability.
Fixes Memory Corruption Bug
The recent update also fixes another bug tracked as CVE-2022-22587 which is a memory corruption bug in the IOMobileFrameBuffer that, under the right circumstances, could lead to kernel-level code execution. According to Bleeping Computer, iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) and macOS Monterey are included in the list of impacted devices.
Moreover, the Apple Insider report, the update that came out on 26 Jan 2021 doesn’t have any features and focuses solely on fixing bugs.
Also Read: Big tech companies not attending CES 2022
