Remember that horrible, awful, no good Safari bug that exposes your browser history and Google account details? Well, Apple has fixed it, but the world will have to wait a little while for that fix.
According to 9to5Mac, the issue has been fixed in RC (release candidate) versions of Apple's mobile and desktop operating systems, iOS 15.3 RC and macOS Monterey 12.2 RC.
The bug was discovered by cybersecurity company FingerprintJS, which also built a test website to show how the vulnerability can be exploited in the real world. 9to5Mac has tested Safari in the new versions of iOS and macOS on that website, and it doesn't appear to be vulnerable anymore, indicating that Apple has indeed patched the bug.
The bug was a particularly nasty one, as it allowed a malicious website to steal a user's browser history and other account details without user intervention — just by the act of using Safari to browse such a website. Even using Safari's Private Mode did not fully mitigate the issue. Here is an explanation of how it works.
The fix is still not widely available, though. Release Candidate versions of software are typically only released to developers, as has been the case with iOS 15.3 RC and macOS 12.2 RC. It will likely take a couple of days for them to become widely available to all users.
TopicsCybersecurity