Apple's latest batch of software updates patch a number of vulnerabilities, including a Safari flaw that could have leaked browsing data and another bug that may have been used in the wild.
The Cupertino tech giant on Wednesday released iOS 15.3, iPadOS 15.3, macOS Monterey 12.2, and other software updates to the public. Most of the updates had few to no new features and were focused on bug fixes.
For example, iOS 15.3, iPadOS 15.3, and macOS 12.2 mitigate a Safari fingerprinting bug that could have allowed websites to see a user's Google ID and browsing history, according to the company's security updates page.
That wasn't the only issue that the new updates fix. For example, the updates also address an IOMobileFrameBugger problem that could have allowed a malicious application to executive code with kernel privileges. Apple says it's aware of a report that this vulnerability may have been actively exploited.
Other bugs that were patched include a Crash Reporter issue that could have allowed bad actors to gain root privileges, a ColorSync flaw that could allow arbitrary code execution via maliciously crafted file, and an iCloud bug that may have allowed an application to access a user's files.
Although some of the vulnerability fixes applied to Apple's underlying technology across iOS and macOS, some were operating system-specific. macOS 12.2, for example, fixes a PackageKit flaw that may have allowed an application to access restricted files.
Many of the Mac-specific bugs were also fixed in a Security Update to macOS Catalina and a new macOS Big Sur 11.6.3 update that Apple released Wednesday.
Notably, the security updates are now only included in iOS 15 point releases. Earlier in 2021, Apple stopped issuing iOS 14 bug fixes after promising to keep the older operating system up-to-date for a period of time.
3 Comments
"the updates also address an IOMobileFrameBugger problem"
This update has still not fixes the messages app not sending sound or banner notifications. Many people have complained to apple about this but the problem has not been addressed. You never know you have a new message unless you check for yourself!
Good to know this is a thing. I thought it was just my iPad not getting messages banners or sounds. It also would be nice if Apple would return the function to Siri to let her add to existing notes and read emails from VIPs. Return all deleted Siri function, in fact. It always seems as if Siri is an afterthought with Apple, and by the lack of new information anywhere to be found about Siri consumers have followed Apple‘s lead. I know I find potential AR more useful. Not.