Apple's latest batch of software updates patch a number of vulnerabilities, including a Safari flaw that could have leaked browsing data and another bug that may have been used in the wild.
Apple MacBook Pro model
The Cupertino tech giant on Wednesday released iOS 15.3, iPadOS 15.3, macOS Monterey 12.2, and other software updates to the public. Most of the updates had few to no new features and were focused on bug fixes.
For example, iOS 15.3, iPadOS 15.3, and macOS 12.2 mitigate a Safari fingerprinting bug that could have allowed websites to see a user's Google ID and browsing history, according to the company's security updates page.
That wasn't the only issue that the new updates fix. For example, the updates also address an IOMobileFrameBugger problem that could have allowed a malicious application to executive code with kernel privileges. Apple says it's aware of a report that this vulnerability may have been actively exploited.
Other bugs that were patched include a Crash Reporter issue that could have allowed bad actors to gain root privileges, a ColorSync flaw that could allow arbitrary code execution via maliciously crafted file, and an iCloud bug that may have allowed an application to access a user's files.
Although some of the vulnerability fixes applied to Apple's underlying technology across iOS and macOS, some were operating system-specific. macOS 12.2, for example, fixes a PackageKit flaw that may have allowed an application to access restricted files.
Many of the Mac-specific bugs were also fixed in a Security Update to macOS Catalina and a new macOS Big Sur 11.6.3 update that Apple released Wednesday.
Notably, the security updates are now only included in iOS 15 point releases. Earlier in 2021, Apple stopped issuing iOS 14 bug fixes after promising to keep the older operating system up-to-date for a period of time.