Apple releases iOS 15.3 and iPadOS 15.3 to fix actively exploited bug


Today Apple has outed its latest update for its mobile devices, which it’s releasing in the form of iOS 15.3 and iPadOS 15.3. These should already be available for devices that are still supported, and should be installed as soon as possible because they fix an actively exploited bug relating to memory corruption.

Additionally, another bug, this time in Safari’s WebKit implementation, allowed any website using a specific JavaScript API to access the names of other databases generated by other websites during the same browsing session.

Basically, a carefully formatted malicious site could spy on which other sites you visited while Safari was open, and because some websites use user-specific identifiers in their database names, even personal information could be leaked in this way.

Needless to say, this is bad, and since Apple forces third party browsers on iOS and iPadOS to use its rendering engine, this doesn’t just affect Safari but others like Chrome too. There are other vulnerabilities fixed by iOS 15.3 and iPadOS 15.3 too, you can find the full list at the Source linked below. While this update doesn’t bring any new features, the amount of security issues it fixes definitely make it worthy of your attention.

If your iPhone or iPad hasn’t yet notified you of the new update and you’re anxious to get it quickly, just head over to Settings > General > Software Update on your device.

Source | Via