Last month, we warned you about a major security flaw affecting Apple’s Safari browser. This flaw potentially allowed hackers on one website to steal your personal information from other open sites, which is, you know, bad. After months of delay, Apple finally patched this gaping security breach, just in time for another to poke through the cracks.
According to Apple’s latest security notes, the company discovered a security flaw with WebKit, the foundation for Safari on iPhone, iPad, and Mac, as well as all third-party browsers on iOS and iPadOS. This WebKit bug opens the door for bad actors to put malicious code in the paths of unsuspecting Apple users. Should you process this malicious code on your device, hackers could utilize an arbitrary code execution exploit, which would allow them to run whatever code they wanted on your system.
Safari security flaws are a major problem, especially on mobile. Sure, on Mac, you can temporarily switch over to another browser, like Chrome or Firefox. On iOS or iPadOS, however, all browsers are really Safari in disguise, relying on the same WebKit foundation to operate. That means when WebKit has a security flaw, all mobile browsers have the flaw.
Apple says there is a report this security flaw might have been actively exploited already, meaning it is imperative all affected systems update as soon as possible. If you have an iPhone, iPad, or use Safari on your Mac, your devices count in that list. Luckily, that update is here, in the form of iOS 15.3.1, iPadOS 15.3.1, and macOS 12.2.1.
How to update and patch this Safari security bug
All you need to do to fix this Safari security bug is update your iPhone, iPad, or Mac as you normally would. To update on iOS or iPadOS, head to Settings > General > Software Update, then follow the on-screen instructions to download and install 15.3.1. On Mac, go to System Preferences > Software Update, then follow the on-screen instructions to download and install the macOS 12.2.1 update.