Apple has implemented a security patch to stop leaks of sensitive user information, such as browsing history or data corresponding to Google accounts, in the latest version of Safari.
The third update to version 15 of its operating system, iOS 15.3 and iPadOS 15.3, has fixed an issue found in the IndexedDB application programming interface (API) in Safari and in any other browser that uses WebKit, Apple's engine, in iOS 15 and iPadOS 15, as the company has pointed out on its Help page.
This is a bug found a few days ago that violates the same-origin policy (SOP), a security mechanism that restricts interaction between documents or scripts loaded from an origin with content from other locations.
Because of this, the safari bug, now fixed, allowed encrypted websites to extract information from your Google account, browsing history, and browser history. content of browser windows.
With this new update they have also fixed other problems with WebKit, such as processing an email message that could cause arbitrary language execution JavaScript or maliciously crafted web content rendering that could lead to arbitrary code execution.
This security patch also includes a fix for ColorSync, the 'software' that maintains color consistency across brand devices, and resolves a problem with iCloud validation, which had a bug that allowed unknown users access to files.
Another novelty is the solution of a bug in Model I/O, where the processing of an STL file was capable of causing problems in the execution of this program and, even, its unexpected closing.
All these solutions are available in the new iOS 15 update for mobile devices from iPhone 6S onwards, all models of iPad Pro, iPod Touch (7th generation ) and iPad Air from 2 to the latest releases.
In addition, it is possible to correct these errors by downloading this patch on iPad 5th generation devices and subsequent models, as well as iPad mini 4 and later versions of the brand.