Apple's latest iOS and macOS updates fix a major web security flaw

Jon Fingas
·Reporter
·1 min read
David Imel for Engadget

You'll want to update your Apple devices soon if you value up-to-the-minute software security. 9to5Mac notes Apple has released iOS 15.3.1, iPadOS 15.3.1, macOS Monterey 12.2.1 and watchOS 8.4.2 updates that all fix a significant WebKit security flaw. Specially crafted websites can take advantage of a "use after free" bug (that is, referencing memory after it's freed for use) to run arbitrary code on your device. This isn't a theoretical exercise, either — Apple said there was at least one report of the vulnerability being "actively exploited" before a patch was ready.

The macOS upgrade also fixes a battery drain issue for Intel-based MacBooks, although 9to5 said users with M1-based Macs have also noticed the glitch. Install the new iOS version, meanwhile, and it should fix a problem with unresponsive Braille displays.

This is the third in-the-wild exploit Apple has patched in 2022, including a kernel flaw as well as a Safari bug that could leak your browser history and Google account info. While they're not exciting upgrades, they do suggest Apple is determined to keep up with would-be attackers — and that there are more threats to deal with in the first place.

