safari: Apple working on a fix for this security bug in Safari web browser – Times of India
Apple is working on a fix for a recently-reported bug in the Safari web browser, as per a report by 9To5Mac. The bug was reported by fingerprintjs.com and allows someone to extract the browsing history of the user and even the Google IDs stored there.
The security vulnerability was found in the implementation of IndexedDB, a Javascript API used to store data. With the aid of this bug, cybercriminals can see the recently accessed URLs and even obtain the Google User ID, which exposes your personal information.
As per the report by fingerprintjs.com, IndexedDB follows the same-origin policy which restricts how documents or scripts loaded from one origin can interact with resources from other origins. “In Safari 15 on macOS, and in all browsers on iOS and iPadOS 15, the IndexedDB API is violating the same-origin policy. Every time a website interacts with a database, a new (empty) database with the same name is created in all other active frames, tabs, and windows within the same browser session.”, added the report.
“Based on a WebKit commit on GitHub, Apple engineers are already preparing a fix for the Safari bug that leaks user data.”, said the report by 9To5Mac.
Though the date the fix is arriving is not clear yet, Apple is expected to send out the cure with a new version of the Safari browser (using the latest WebKit engine) with the updated builds of iOS 15 and macOS Monterey, as per a report by MacRumors.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.