Particle.news
Get it on Google Play
Download on the App Store
10 ARTICLES
·
8h ago

Apple Issues First Background Security Improvements to Patch WebKit Same‑Origin Flaw

The new mechanism aims to shorten the window for fixing high‑risk components like WebKit between full OS updates.

Image
Background Security Improvements in iOS 26.3.1
Apple's latest Background Security Improvement targets WebKit

Overview

  • Apple released iOS 26.3.1 (a), iPadOS 26.3.1 (a), macOS 26.3.1 (a), and a macOS 26.3.2 (a) build limited to MacBook Neo devices on March 17.
  • The update addresses CVE-2026-20643, a WebKit Navigation API issue that could let malicious content bypass the Same Origin Policy, using improved input validation to fix the flaw.
  • Background Security Improvements are installed from Settings > Privacy & Security with an option to enable automatic installation, and this release generally requires only a quick restart.
  • Apple cautions that rare compatibility issues may occur, noting BSIs can be temporarily removed and reissued, and users who skip them will receive equivalent fixes in a later standard update.
  • Apple previously trialed BSIs in 26.3 pre-release builds, and the company has not stated whether the WebKit vulnerability has been exploited in the wild.