Safari bug is leaking users’ browsing history — but a fix is on the way

If you use an Apple device, chances are that Safari is your default browser. If that’s the case, you’ll want to avoid using Safari for a bit because a bug in the app could leak your entire browsing history.

Last week,  the team behind  FingerprintJS, a browser fingerprinting library, wrote a blog post about a vulnerability in Safari 15 that gives away your browser history. By exploiting this bug, an attacker can learn about what websites you’re visiting, and even see your Google ID for services like YouTube, Google Calendar, and Google Keep. You can read more about it here.

You can also look at the video below to understand how this bug works.

How bad is it?

As the bug is in WebKit, Apple‘s browser rendering engine, it affects Safari 15 on macOS, and all browsers on iOS 15 and iPadOS 15. So it’s a pretty helpless situation for iOS device users. But if you’re using a Mac, you can switch to Chrome, Edge, or any other browser for now.

A fix is on the way

WebKit’s GitHub repository suggests that Apple engineers have already worked on some potential fixes. But that doesn’t mean you’re safe automatically. Apple has to update the Safari browser with a fix, and it’s not that straightforward.

As the company has baked Safari into its operating system, it’s not simply the matter of issuing an app update. As Joe Rossignol, a reporter at MacRumors tweeted,
the firm has to issue an emergency operating system update for macOS, iOS, and iPadOS.

If you’re using older Mac versions like Big Sur or Catalina, you’ll be able to get a standalone update. We’ll keep an eye out for Apple‘s bug-fixing release, and update this story.





Source link

Leave a Reply

Your email address will not be published.