Apple Users Should Update Their Devices Immediately

Apple has released updates to iOS, iPadOS, macOS, and watchOS that fix a major vulnerability in Safari....
Apple Users Should Update Their Devices Immediately
Written by Matt Milano

Apple has released updates to iOS, iPadOS, macOS, and watchOS that fix a major vulnerability in Safari.

A vulnerability was discovered in Safari earlier this month by FingerPrintJS, one that let “any website track your internet activity and even reveal your identity.” The issue revolved around Apple’s implementation of IndexedDB, a common API that most browsers use to store data. Unfortunately, Apple’s implementation leaked user data.

While Apple doesn’t go into detail on the specifics of security fixes when it releases an update, to prevent the issue from being further exploited, the most recent OS updates specifically list CVE-2022-22594, the ID used to identify the flaw. The release notes also credit FingerPrintJS for discovering the bug.

Impact: A website may be able to track sensitive user information

Description: A cross-origin issue in the IndexDB API was addressed with improved input validation.

CVE-2022-22594: Martin Bajanik of FingerprintJS

Needless to say, all Apple users should update their various devices immediately. This is especially important on iOS, since all iOS web browsers use Safari’s rendering engine.

Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit

Advertise with Us