The release candidates for the macOS Monterey 12.2 and iOS 15.3 appear to address a bug that could cause your browsing history to be leaked to malicious entities.
There is an issue with the WebKit implementation of the IndexedDB jаvascriptAPI discovered last week. The names of the databases generated by other websites can be accessed by any website that uses IndexedDB.
The bug allows a website to spy on other websites that the user visits while the browser is open, and because some websites use user-specific identifiers in their IndexedDB database names, personal information can be gleaned about the user and their browsing habits.
The browsers that use Apple's WebKit engine are impacted. Some third-party browsers are affected by the vulnerability, but the macOS Monterey 12.2, iPadOS 15.3 and iPadOS 15.3 updates fix it.
After updating to the new software, the website detected no security holes, as 9to5Mac notes.
The website tells users about their accounts. The demo website was able to detect our Google account after we tested on the two operating systems. The demo website stopped detecting data after the update to the macOS Monterey 12.2 RC and the iOS 15.3 RC.
We knew that Apple was working to address the vulnerability in a timely manner after Apple uploaded the fix for the bug to the WebKit page. We could see these updates made available to the public as soon as next week because the macOS Monterey 12.2 and iOS 15.3 release candidates are now available.
All Rights Reserved © 2024
