Apple says Safari iOS 17.3 patches four security and privacy vulnerabilities on older macOS editions, one of which may have been exploited.
This Apple support document explains that Safari 17.3 contains patches for three vulnerabilities discovered in WebKit, the rendering engine powering Safari.
The same update also squishes a privacy bug, discovered by Mark Bowers, that Apple says could expose your private browsing activity in System Settings.
Safari 17.3 is available to download and install on Mac computers powered by Monterey (macOS 12) or Ventura (macOS 13) via System Settings > General > Software Update. For those wondering, macOS Sonoma 14.3, iOS 17.3 and other updates released on January 23 fix those same WebKit issues as Safari 17.3.
Safari 17.3: WebKit security patches
One of the issues may let an attacker use malicious web content to run dangerous code on your device. “Apple is aware of a report that this issue may have been exploited,” the document reads. This issue was addressed with improved checks.
A similar issue exists where an attacker might fingerprint you when you visit a maliciously crafted webpage, which was fixed with improved access restrictions.
The third WebKit issue deals with processing web content, which may result in arbitrary code execution. Apple addressed it with improved memory handling.
More bug-fix updates for older system
Apple provided additional bug-fix software updates for older macOS versions. While the company doesn’t actively develop new features for older OS versions, it continues supporting users with emergency fixes and security patches for years.
If you own an older Mac powered by macOS Monterey or Ventura, use Software Update in System Settings to ensure you have the latest security and bug fixes.