Address Bar Spoofing in iOS

MEDIUM (4.3) No Patch (42 days)

Threat Intelligence

Low Risk
EPSS Score: 0.03% chance of exploitation (percentile: 9%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

The issue is an address bar spoofing vulnerability in Safari on iOS devices. It allows attackers to manipulate the URL displayed in the address bar, potentially leading to phishing attacks or other malicious activities.

Am I affected?

This affects iOS 18.7.2 and iPadOS 18.7.2. If you're running these versions, you're affected. Check with: xcrun -sdk iphoneos clang --version (requires Xcode installation) or ioreg | grep IOAppGroupAccess

Note: This vulnerability is specific to Safari on iOS devices and does not affect other browsers like Chrome or Firefox.

Affected Products

Apple Inc. / Safari

How to fix

Upgrade to iOS 18.7.3 or later.

Immediate mitigations:
- Be cautious when clicking on links from unknown sources.
- Regularly update your device to the latest version of iOS.
