"Background Security Improvements deliver lightweight security releases for components such as the Safari browser, WebKit framework stack, and other system libraries that benefit from smaller, ongoing security patches between software updates."
"Processing maliciously crafted web content may bypass Same Origin Policy. By fixing a cross-origin issue in the Navigation API, Apple is ensuring that your bank login stays isolated from that random tab you opened five minutes later."
"Traditional updates can feel like a chore, often requiring a long download and a lengthy reboot. These background improvements are built to be different, essentially replacing the older Rapid Security Response system, aiming for a more reliable way to keep devices safe without disrupting your day."
Apple has introduced Background Security Improvements, a new system that delivers lightweight security patches for specific software components like Safari, WebKit, and system libraries without requiring full iOS or macOS updates. This first public rollout addresses a critical WebKit vulnerability (CVE-2026-20643) discovered by researcher Thomas Espach that could allow malicious websites to bypass the Same Origin Policy and access data from other open sites. The update arrives as iOS 26.3.1 (a), iPadOS 26.3.1 (a), and macOS 26.3.1 (a) or 26.3.2 (a). This approach replaces the older Rapid Security Response system, offering users convenience by eliminating lengthy downloads and reboots while maintaining device security.
#apple-security-updates #webkit-vulnerability #background-security-improvements #safari-browser-security #ios-security-patches
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]