{"id":18663,"date":"2022-04-04T06:30:26","date_gmt":"2022-04-04T14:30:26","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/04\/04\/news-12396\/"},"modified":"2022-04-04T06:30:26","modified_gmt":"2022-04-04T14:30:26","slug":"news-12396","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/04\/04\/news-12396\/","title":{"rendered":"Why you need to always update Safari on iPhone | Kaspersky official blog"},"content":{"rendered":"

Credit to Author: Alex Drozhzhin| Date: Mon, 04 Apr 2022 13:34:04 +0000<\/strong><\/p>\n

Lots of iPhone users aren’t crazy about the iOS built-in browser, Safari, and prefer to use an alternative \u2014 Google Chrome, Mozilla Firefox, or even something more exotic like DuckDuckGo, Brave or Microsoft Edge (yes, there’s Edge for iOS!).<\/p>\n

iPhone users who prefer alternative browsers might get lulled into thinking that the vulnerabilities in Safari and the WebKit engine don’t present a direct danger to them. Unfortunately, this isn’t the case. In this post, we give you the lowdown and tell you why you need to make sure that Safari and WebKit on your iPhone are always updated in time.<\/p>\n

Every browser in iOS is Safari<\/h2>\n

Every browser is based on what is called an “engine.” The engine processes the code that is received from the internet and transforms it into the web pages that the browser ultimately shows the user. Of course, the browser has a bunch of other necessary and useful parts that direct the engine and ensure that the additional features work. Think of the browser engine like the engine of a car: it’s the most important part of a browser and without it you won’t get anywhere.<\/p>\n

There are three major browser engines in the world. Google uses its own V8 engine<\/a> in its Chrome and Chromium browsers, while Microsoft Edge and dozens of other browsers are based on Chromium. There is also the Gecko<\/a> engine \u2014 its modern version is called Quantum \u2014 which Mozilla developed and supports for the Firefox browser and a few others. Finally, the third giant of the modern web is Apple’s engine \u2014 Webkit<\/a>, which is used in the Safari browser.<\/p>\n

But here’s the thing. The Chrome and Firefox versions for desktop computers and Android are built on Google’s V8 engine and Mozilla’s Gecko\/Quantum engine, respectively. However, it’s a different story for iPhones. In keeping with Apple’s policies, there is only one<\/a> engine permitted in iOS \u2014 you guessed it: WebKit. This means that all browsers for iOS are essentially Safari with different user interfaces.<\/p>\n

\"Excerpt<\/a><\/p>\n

Excerpt from the iOS app developer rules: “Apps that browse the web must use the appropriate WebKit framework and WebKit JavaScript.”<\/p>\n<\/div>\n

This means that all vulnerabilities found in WebKit present a danger for users of any<\/em> browsers for iOS. Since iPhones are a very tempting target for hackers, security specialists study the WebKit engine all the more closely, and as a result, they find vulnerabilities in it rather often. This includes vulnerabilities that attackers are already using in the wild.<\/p>\n

One of the most dangerous types of vulnerabilities in a browser engine is a so-called zero-click vulnerability, which allows bad actors to infect an iPhone without any action by the user. When this kind of vulnerability is exploited, the user doesn’t need to be convinced to download or install anything. All the attacker needs do is draw the victim to a specially built website with malicious code or hack a popular site and implant the malicious code in it. After the user visits such a site through a vulnerable browser, the attackers can take control of the iPhone.<\/p>\n

How to update Safari and WebKit<\/h2>\n

It’s important to remember that the update of the WebKit engine and Safari browser isn’t related to the update of the browser apps you’re using. Google Chrome automatically updates from the App Store \u2014 that is, if you haven’t disabled this option, and we don’t recommend that you do \u2014 but in essence this is an update of the shell program, not the engine. So this won’t solve the problem of vulnerabilities in WebKit.<\/p>\n

To avoid vulnerabilities in both the WebKit engine and Safari browser, you need to install the appropriate iOS updates. The best thing to do is to make sure to install all the latest operating system updates \u2014 after all, the vulnerabilities aren’t just in the browser engine but also in other important components of iOS.<\/p>\n

To update your iPhone, go to Settings \u2192 General \u2192 Software Update<\/em>. If you see a button on the screen that says Download and Install<\/em>, tap it and follow the instructions.<\/p>\n

\"Where<\/a><\/p>\n

Where to find the iOS update in your iPhone’s settings<\/p>\n<\/div>\n

Don’t be afraid of iOS updates<\/h2>\n

A lot of users are lukewarm about updating the operating system: some people don’t like having to get used to new features in the interface, some worry about having less storage, while others fear that after an update the iPhone may start to slow down or some old apps that are no longer supported in the new version will stop working.<\/p>\n

These fears aren’t totally unfounded. It’s true that Apple does sometimes make the interface less user-friendly. It’s also true that each new version of the system takes up a bit more storage than the previous one and leaves less space for your files. And it’s no myth that iPhones have slowed down after an update \u2014 this has been documented<\/a>.<\/p>\n

But we still recommend that you always keep your iPhone updated: doing so is crucial for keeping your data safe and ensuring that it doesn’t fall into the wrong hands. Unfortunately, there is no full-fledged antivirus for iOS<\/a>. That means that the iPhone’s security is contained only in Apple’s protection mechanisms, so any hole in them without a system update remains an open door for hackers.<\/p>\n


https:\/\/blog.kaspersky.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Alex Drozhzhin| Date: Mon, 04 Apr 2022 13:34:04 +0000<\/strong><\/p>\n

Why iPhone and iPad users need to always update Safari and WebKit even if they use Chrome, Firefox or any other browser.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10425,10378],"tags":[24586,12014,10699,11122,10480,8826,10543,10428,10752],"class_list":["post-18663","post","type-post","status-publish","format-standard","hentry","category-kaspersky","category-security","tag-0days","tag-browsers","tag-chrome","tag-firefox","tag-ios","tag-iphone","tag-safari","tag-tips","tag-vulnerabilities"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18663","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18663"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18663\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18663"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18663"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18663"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}