Photo: Primakov (Shutterstock)
Last month, we warned you about a major security flaw affecting Apple’s Safari browser. This flaw potentially allowed hackers on one website to steal your personal information from other open sites, which is, you know, bad. After months of delay, Apple finally patched this gaping security breach, just in time for another to poke through the cracks.
According to Apple’s latest security notes, the company discovered a security flaw with WebKit, the foundation for Safari on iPhone, iPad, and Mac, as well as all third-party browsers on iOS and iPadOS. This WebKit bug opens the door for bad actors to put malicious code in the paths of unsuspecting Apple users. Should you process this malicious code on your device, hackers could utilize an arbitrary code execution exploit, which would allow them to run whatever code they wanted on your system.
Safari security flaws are a major problem, especially on mobile. Sure, on Mac, you can temporarily switch over to another browser, like Chrome or Firefox. On iOS or iPadOS, however, all browsers are really Safari in disguise, relying on the same WebKit foundation to operate. That means when WebKit has a security flaw, all mobile browsers have the flaw.
Apple says there is a report this security flaw might have been actively exploited already, meaning it is imperative all affected systems update as soon as possible. If you have an iPhone, iPad, or use Safari on your Mac, your devices count in that list. Luckily, that update is here, in the form of iOS 15.3.1, iPadOS 15.3.1, and macOS 12.2.1.
How to update and patch this Safari security bug
All you need to do to fix this Safari security bug is update your iPhone, iPad, or Mac as you normally would. To update on iOS or iPadOS, head to Settings > General > Software Update, then follow the on-screen instructions to download and install 15.3.1. On Mac, go to System Preferences > Software Update, then follow the on-screen instructions to download and install the macOS 12.2.1 update.
There is one caveat here; if you happen to be running the betas for iOS 15.4, iPadOS 15.4, or macOS 12.3, you’re all set. Those betas appear to patch the security flaw already, and, subsequently, beta testers have not received a new security update on their devices. If you’re interested in downloading and installing these betas on your devices, check out our guide here.
These latest updates don’t only make Safari safer; on iOS and iPadOS, 15.3.1 patches a bug affecting Braille displays. macOS 12.2.1, on the other hand, fixes a Bluetooth issue responsible for draining MacBook batteries quickly and completely. For all these reasons, you should update your Apple devices as soon as possible.