Apple pushes out a fix to a Safari bug that was leaking browsing history and Google data
There’s no word from Apple on when the fix will be officially released to the public, however.
UPDATE 1/27/2022 10:31 AM ET: Apple officially released iOS 15.3. The update brings a few important security updates, including one that fixes the Safari bug that could leak your data to websites. The original story follows below.
Earlier this week, we published a pretty serious news story on how a Safari bug potentially leaked user data like browsing history and Google data. Apple promised a fix, and it is now pushing out an iOS 15.3 RC update and macOS Monterey 12.2 RC update to developers and beta users, reports 9to5Mac.
Initially discovered by FingerprintJS, the new bug showed up in Safari 15 and involved the Indexed Database API (IndexedDB). IndexedDB essentially stores data on certain websites directly on your device so that the sites might load faster in the future.
If you’re not a developer, this may not make any sense to you – there’s a lot of technical jargon thrown around, but the gist of it is that the bug causes the API to expose all of the data that it has collected to any website that users visit.
For a clearer understanding, FingerprintJS built a staging site that shows how the bug works. The site will show your recent browsing history along with details of your Google account.
Apple hasn’t publicly announced when it will officially release iOS 15.3 and macOS Monterey 12.2 to the public, but we should expect to see it go live sometime within the next week. If developers already have their hands on it, chances are we’ll get it soon too.
Until this update gets officially pushed out to the public, for the time being, use a different browser other than Safari.
UPDATE 1/27/2022 10:31 AM ET: Apple officially released iOS 15.3. The update brings a few important security updates, including one that fixes the Safari bug that could leak your data to websites.