Security vulnerabilities are discovered constantly in web browsers, and Apple just patched an exploit in Safari that was being used in the wild. Now’s the time to update your Apple devices.
Apple released Safari 15.6.1 this week, which includes a fix for a security vulnerability labelled as CVE-2022-32893. The bug allowed malicious web pages to execute code on devices, using an out-of-bounds write issue in Safari’s WebKit rendering engine. Apple says it is “aware of a report that this issue may have been actively exploited.”
Unlike Chrome, Firefox, and most other web browsers, new versions of Safari are mostly distributed through operating system updates. Apple has released macOS Monterey 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 with the fix for Safari, as well as other security updates. There are also security updates rolling out for older versions of macOS, including Big Sur and Catalina.
You should update your Mac, iPhone, and/or iPad once you have some free time. iPhones and iPads use the WebKit engine to render all web pages, even if you use other apps for web browsing, like Firefox or Chrome. Mac owners that use third-party browsers are at a lower risk, but Safari is still used for login pages and other embedded web content across macOS.