tldrdailynews.com logo
Tag

Webkit

All articles tagged with #webkit

Apple rolls out continuous background security updates for iPhone, iPad and Mac
technology19 days ago

Apple rolls out continuous background security updates for iPhone, iPad and Mac

Apple has begun rolling out Background Security Improvements that run in the background between major OS updates, delivering lightweight security releases for WebKit, Safari, Mail and App Store across iPhone, iPad and Mac. The feature is supported on iOS 26.1, iPadOS 26.1 and macOS 26.1 and is enabled by default with an option to disable in Settings; the first rollout began March 17, 2026, with additional background updates expected between releases.

via USA Today|
#apple#background-security-improvements#iphone
Apple Rolls Out Background Security Improvements to Patch Flaws Between OS Updates
technology23 days ago

Apple Rolls Out Background Security Improvements to Patch Flaws Between OS Updates

Apple is rolling out Background Security Improvements—lightweight, between-update patches for Safari, WebKit, and other system libraries. These patches address vulnerabilities (including a Same Origin Policy bypass) without requiring a full OS update. To use them, enable Background Security Improvements in Settings > Privacy & Security (or System Settings on macOS) and install manually or automatically. The first updates appeared as iOS 26.3.1 / macOS 26.3.2 updates.

via Lifehacker|
#apple#ios#macos
Apple rolls out first Background Security patch to fix WebKit CVE-2026-20643
technology23 days ago

Apple rolls out first Background Security patch to fix WebKit CVE-2026-20643

Apple released the first Background Security Improvements update to fix a WebKit cross-origin flaw (CVE-2026-20643) that could bypass the Same Origin Policy. The lightweight patch arrives outside the normal OS update cycle for iOS 26.3.1, iPadOS 26.3.1, and macOS 26.3.1/26.3.2, and Apple recommends not uninstalling it since removing patches reverts the device to baseline security.

via BleepingComputer|
#apple#background-security-improvements#cve-2026-20643
Apple launches first lightweight Background Security Updates across macOS, iOS, and iPadOS
technology24 days ago

Apple launches first lightweight Background Security Updates across macOS, iOS, and iPadOS

Apple has started delivering Background Security Improvements—small, lightweight security patches for Safari/WebKit and other system libraries—across macOS, iOS, and iPadOS. These updates run in the background and require a device restart to complete, with the inaugural patch targeting WebKit on devices running iOS 26.1, iPadOS 26.1, and macOS 26.1. Apple says these patches install faster than full software updates.

via Engadget|
#apple#background-security-improvement#ios
Apple Alerts 800 Million iPhone Users to Critical WebKit Flaw
technology3 months ago

Apple Alerts 800 Million iPhone Users to Critical WebKit Flaw

Apple warns of two critical WebKit flaws that could let hackers take control of iPhones or iPads via malicious websites. A patch is available in iOS 26.2 / iPadOS 26.2, but with roughly 800 million devices still unpatched, many users remain at risk. The most vulnerable models include iPhone 11 and newer and various iPad generations. The recommended defense is updating to the latest software (automatic updates should already protect most users; otherwise, manually install iOS 26.2).

via Yahoo|
#apple#ios-262#iphone
Japan's New Law Challenges Apple's Browser Restrictions on iPhone
technology8 months ago

Japan's New Law Challenges Apple's Browser Restrictions on iPhone

Japan's Mobile Software Competition Act will require Apple to allow non-WebKit browsers on the iPhone, promoting competition and enabling browsers like Chrome and Firefox to use alternative engines. The law takes effect in December and builds on recent EU regulations, with similar expectations in the UK. Apple has already made some changes in the EU, but Japan's law aims to ensure a more open environment for web browsers on iOS.

via MacRumors|
#apple#browser-engines#iphone
The Search for WebKit-Free iPhone Browsers
technology9 months ago

The Search for WebKit-Free iPhone Browsers

Despite a 16-month-old EU ruling allowing iOS developers to use alternative browser engines, Apple continues to impose restrictions that hinder competition, according to the Open Web Advocacy group. These restrictions include legal and technical barriers that force developers to create separate apps for different regions, limiting user base growth and competition with Safari, which significantly contributes to Apple's revenue. Although support for non-WebKit browsers was added in iOS 17.4, critics argue that Apple's restrictions still prevent fair competition, with ongoing regulatory pressure in the UK.

via The Verge|
#apple#browser-engines#eu-regulations
Urgent iOS and macOS Updates Released to Patch Zero-Day Vulnerabilities
technology1 year ago

Urgent iOS and macOS Updates Released to Patch Zero-Day Vulnerabilities

Apple has released iOS 18.1.1, urging users to download it immediately due to critical security patches. The update addresses vulnerabilities in JavaScriptCore and WebKit, which could allow arbitrary code execution and cross-site scripting attacks, respectively. These issues were identified by Google's Threat Analysis Group, highlighting the importance of updating to protect against potential exploits.

via CNET|
#apple#ios-1811#javascriptcore
Apple Urges Immediate Updates for Mac Zero-Day Vulnerabilities
technology1 year ago

Apple Urges Immediate Updates for Mac Zero-Day Vulnerabilities

Apple has released security updates to address two zero-day vulnerabilities actively exploited in cyberattacks targeting Mac users. These vulnerabilities, found in WebKit and JavaScriptCore, could allow attackers to execute arbitrary code by tricking devices into processing malicious web content. The attacks, reported by Google's Threat Analysis Group, suggest possible involvement of government-backed actors. Apple urges users to update their devices immediately to protect against potential exploitation.

via TechCrunch|
#apple#cybersecurity#mac
Mozilla Calls Out Apple, Google, and Microsoft for Unfair Browser Practices
technology2 years ago

Mozilla Calls Out Apple, Google, and Microsoft for Unfair Browser Practices

Mozilla expresses disappointment with Apple's new rules in the EU, which allow browsers like Firefox to use their own engines on iOS but only in the EU, making it challenging for browsers to manage different versions. The change means third-party browsers could become fully functional on iOS without WebKit limitations, but Mozilla argues that Apple's proposals create barriers to true browser competition on iOS. Other developers, including Epic and Spotify, have also criticized the new rules, which are pending approval by the EU Commission.

via The Verge|
#apple#browserenginekit#ios
"Apple Issues Critical iOS 17.3 Update with Anti-Theft Feature and Zero-Day Vulnerability Patch"
technology2 years ago

"Apple Issues Critical iOS 17.3 Update with Anti-Theft Feature and Zero-Day Vulnerability Patch"

Apple has released iOS 17.3, urging all iPhone users to update immediately due to the fix of 16 security issues, including a vulnerability in WebKit already being exploited in real life attacks. The update also includes Stolen Device Protection and is crucial for older devices, as Apple no longer supports them with security updates. Additionally, iOS 16.7.5 and iOS 15.8.1 updates have been issued for older iPhone models, fixing multiple security issues, some of which are already being exploited. It is recommended for all iPhone users to update their devices to the latest software immediately.

via Forbes|
#apple#ios-173#iphone
"Apple's Swift Response: Patching Zero-Day Exploits in iOS 17.3 and macOS Sonoma 14.3"
technology2 years ago

"Apple's Swift Response: Patching Zero-Day Exploits in iOS 17.3 and macOS Sonoma 14.3"

Apple has released security updates to fix the first zero-day vulnerability exploited in attacks this year, impacting iPhones, Macs, and Apple TVs. Tracked as CVE-2024-23222, the WebKit confusion issue could allow attackers to execute arbitrary malicious code on vulnerable devices through a malicious web page. While the company is aware of in-the-wild exploitation, it has yet to attribute the discovery to a specific researcher. Users are advised to install the latest security updates to protect against potential attack attempts, with a comprehensive list of impacted devices provided.

via BleepingComputer|
#apple#exploitation#security
"Apple's iOS 17.2 Update: Security Patches, Journal App, and 3D Video Shooting"
technology2 years ago

"Apple's iOS 17.2 Update: Security Patches, Journal App, and 3D Video Shooting"

Apple has released security updates for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple security flaws, including two recently disclosed zero-days. The updates patch vulnerabilities in various components such as Bluetooth, AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari Private Browsing, and WebKit. Notable fixes include a critical Bluetooth vulnerability that could allow keystroke injection and two WebKit flaws that could lead to arbitrary code execution and a denial-of-service condition. The updates also include additional security enhancements, such as Siri bug fixes and Contact Key Verification for iMessage conversations. Apple has also released updates to address security issues in tvOS and watchOS, including two WebKit vulnerabilities actively exploited in the wild.

via The Hacker News|
#apple#ios#macos
Apple's Emergency Updates Patch Critical Security Flaws on Older iPhones
technology2 years ago

Apple's Emergency Updates Patch Critical Security Flaws on Older iPhones

Apple has released emergency security updates to address two zero-day vulnerabilities found in the WebKit browser engine, which is used by Safari across Apple's platforms. These flaws could allow attackers to access sensitive data and execute arbitrary code on unpatched devices. The updates cover older iPhones, Apple Watch, and Apple TV models. The vulnerabilities were discovered by a security researcher from Google's Threat Analysis Group (TAG), and while Apple has not provided details on their exploitation, Google TAG has previously identified zero-day flaws used in state-sponsored surveillance attacks. This marks the 20th zero-day vulnerability patched by Apple this year.

via BleepingComputer|
#apple#exploitation#security-updates
Apple Issues Urgent iOS Security Update for All iPhone Users
technology2 years ago

Apple Issues Urgent iOS Security Update for All iPhone Users

Apple has released an urgent software update, iOS 17.1.2, to patch two security exploits discovered in the previous release. The update addresses vulnerabilities in Apple's web browser engine, WebKit, which could potentially disclose sensitive information and lead to arbitrary code execution. Users are urged to download the update promptly. Additionally, law enforcement agencies are warning iPhone users about a feature called NameDrop, which allows easy sharing of contact information and photos but is defaulted to 'ON', potentially leading to unintended sharing of personal information.

via FOX 10 News Phoenix|
#apple#ios-update#namedrop