Apple has released an urgent update for its mobile devices, and iOS 15.3 and iPadOS 15.3 should be installed as soon as possible as they fix a actively exploited memory corruption bug.

Also, another bug, this time in WebKit's implementation of Safari, allowed any website using a particular JavaScript API to access the names of other databases created by other websites during the same browsing session.

In effect, a carefully formatted malicious site could keep track of what other sites you visited while Safari was open, and since some websites use user IDs in their database names, even personal information can be leaked.

Since Apple is forcing third-party browsers on iOS and iPadOS to use their rendering engine, not only Safari is affected, but others like Chrome are also affected. There are other vulnerabilities fixed in iOS 15.3 and iPadOS 15.3.

Although this update does not contain any new features, the number of security issues it fixes makes it a very important one.

bbabo.Net