Apple releases iOS 15.3 and iPadOS 15.3 to fix actively exploited bug
Today Apple has outed its latest update for its mobile devices, which it's releasing in the form of iOS 15.3 and iPadOS 15.3. These should already be available for devices that are still supported, and should be installed as soon as possible because they fix an actively exploited bug relating to memory corruption.
Additionally, another bug, this time in Safari's WebKit implementation, allowed any website using a specific JavaScript API to access the names of other databases generated by other websites during the same browsing session.
Basically, a carefully formatted malicious site could spy on which other sites you visited while Safari was open, and because some websites use user-specific identifiers in their database names, even personal information could be leaked in this way.
Needless to say, this is bad, and since Apple forces third party browsers on iOS and iPadOS to use its rendering engine, this doesn't just affect Safari but others like Chrome too. There are other vulnerabilities fixed by iOS 15.3 and iPadOS 15.3 too, you can find the full list at the Source linked below. While this update doesn't bring any new features, the amount of security issues it fixes definitely make it worthy of your attention.
If your iPhone or iPad hasn't yet notified you of the new update and you're anxious to get it quickly, just head over to Settings > General > Software Update on your device.
Related
Reader comments
- Anonymous
- 30 Jan 2022
- puk
Except they don't. Especially not on low end devices. There you mostly get single major update and single extra year of security updates. And we're talking brand names like Oppo that are anything but small or irrelevant. There is also tons ...
- Son of Android
- 29 Jan 2022
- Nu7
See alaye Forget about that your proudful iOS updates . most Android update doesn't really matter on level entry devices . And let me tell something And update does not really matter in terms of low devices What really matters ar...
- Anonymous
- 28 Jan 2022
- puk
WebKit identity leak bug was apparently reported to WebKit bug tracker on 28th November 2021 and was detailed on 14th January 2022. I don't know how you managed to get 4 months out of 2, but I'm not surprised Apple haters are making things ...