Apple admits data leak flaw in Safari browser, will fix it soon

Recently, a new vulnerability inside the Safari 15 browser has been found. This vulnerability allows websites to gain access to a user’s browsing activity, even knowing the details of the Google account with which the user is logged in. It is known that the cause comes from the IndexedDB API function that Safari 15 uses which does not comply with the “same-origin” policy.

Because it is a vulnerability inside the system software, a security patch for macOS, iOS and iPadOS will have to be released to fix this vulnerability, users cannot simply update the application on the App Store.

After being published by FingerprintJS, Apple confirmed this vulnerability and said that an experimental update is being rolled out, but we cannot be sure when users will receive the official update.

To temporarily fix the above vulnerability, FingerprintJS says users should use another browser like Chrome. Disabling JavaScript can also limit the amount of data leaked, but does not completely fix this vulnerability.

In the near future, which can be one to a few weeks, an update of macOS, iOS as well as iPadOS will be released and users are recommended to update to new software versions to ensure data safety. Whether.