CVE-2022-26731 Improved state management was addressed in macOS, iOS, and iPadOS.

This issue has been fixed in macOS Monterey 12.4, iOS 15.5 and Safari 11.0 on macOS High Sierra, iOS 15.5 and macOS High Sierra, iOS 15.5 and Safari 11.0 on iOS 15.5. A malicious website may be able to track users in private browsing mode.

We recommend upgrading to the latest version of these platforms. Visit Apple’s Software Update or MacUpdate to download and install the latest versions. An issue in private browsing mode may have allowed websites to track users. This issue has been fixed in iOS 15.5. We recommend upgrading to the latest version of these platforms. Visit Apple’s Software Update or MacUpdate to download and install the latest versions. An issue in private browsing mode may have allowed malicious websites to track users. This issue has been fixed in macOS High Sierra 10.13 and macOS High Sierra 10.13 on Mac. An issue may have allowed malicious websites to track users. This issue has been fixed in iOS 15.5. We recommend upgrading to the latest version of these platforms. Visit Apple’s Software Update or MacUpdate to download and install the latest versions.

A remote code execution vulnerability exists in the font rendering of TTF fonts on OS X.

To mitigate the issue, we recommend using a different font package like FontBook or TypeKit instead of Apple's fonts. A remote code execution vulnerability exists in the font rendering of TTF fonts on OS X. To mitigate the issue, we recommend using a different font package like FontBook or TypeKit instead of Apple's fonts.

References a style=\"color: red; text-decoration: none;\" href=\"https://support.apple.com/en-us/HT202226731\"

We recommend upgrading to the latest version of these platforms. Visit Apple’s Software Update or MacUpdate to download and install the latest versions.

Vulnerability Explanation

An issue in private browsing mode may have allowed websites to track users. This issue has been fixed in iOS 15.5

macOS High Sierra

, iOS 15.5 and Safari 11.0
This issue has been fixed in macOS High Sierra 10.13, iOS 15.5 and Safari 11.0 on macOS High Sierra, iOS 15.5 and macOS High Sierra, iOS 15.5 and Safari 11.0 on iOS 15.5. A malicious website may be able to track users in private browsing mode.

Timeline

Published on: 05/26/2022 19:15:00 UTC
Last modified on: 07/06/2022 23:15:00 UTC

References

• https://support.apple.com/en-us/HT213257
• https://support.apple.com/en-us/HT213258
• https://support.apple.com/kb/HT213256
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26731