In recent days we told you about a bug related to Safari that could expose our history and other data in the hands of malicious people (our article here). Now Apple has prepared a fix which will be released later.

The fix for Safari is ready, coming with an upcoming version of the operating system

According to a WebKit commit on Github, Apple has prepared a fix, but it won’t be available until the updates are released macOS Monterey, iOS 15 And iPadOS 15, which will contain an updated version of Safari. The bug, still present, allows any website that uses IndexedDB for data storage to access the IndexedDB database names generated by other websites during a user’s browsing session.

The bug could allow a website to keep track of other sites visited by the user in different tabs or windows, and it could also work while visiting different sites in Private mode. The bug in question can only be worked around on Mac using an alternative browser, but not on iOS and iPadOS where all browsers must be based on WebKit.

The bug, according to a post by FingerprintJS, is not available for users with Safari 14 for Mac and or any other browser on iOS 14 And iPadOS 14. While regarding the release of the fix for users with Safari 15 and the latest versions of the OS for mobile devices, Apple did not want to provide a probable time frame for the public release. While waiting for the update, you can take a look at how this bug works, with this demo released by FingerprintJS.

