The macOS Monterey 12.2 and iOS 15.3 release candidates that were released earlier today reportedly address a Safari bug that can reveal your recent browsing history and even expose your identity.
The bug allows websites that use IndexedDB to access the names of IndexedDB databases generated by other websites during a user’s browsing session. One website could use the bug to track the other websites visited by the user in different tabs or windows, as the database names are often unique and specific to each website. The correct behavior should be that websites only have access to their own IndexedDB databases.
Some websites use unique user-specific identifiers in IndexedDB database names. One such site, YouTube, creates databases that include a user’s authenticated Google User ID in the name, and this identifier can be used in combination with Google APIs to fetch personal information about the user, such as a profile picture, according to FingerprintJS. Bad actors could use the information to determine a user’s identity.
The bug affects recent versions of browsers using Apple’s open-source browser engine WebKit, including Safari 15 for Mac and Safari on all versions of iOS 15 and iPadOS 15. Third-party iOS and iPadOS browsers are also affected, as Apple requires all browsers to use WebKit on the iPhone and iPad.
FingerprintJS published a demo website to let users check to see whether they’re impacted, and 9to5Mac reports that after updating to the release candidate, the website detects no security holes.