-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2
Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/126604. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. iOS 26.3.1 (a), iPadOS 26.3.1 (a), macOS 26.3.1 (a), macOS 26.3.2 (a) WebKit Available for: iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, macOS 26.3.2 Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: A cross-origin issue in the Navigation API was addressed with improved input validation. WebKit Bugzilla: 306050 CVE-2026-20643: Thomas Espach All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmm54C8ACgkQ4Ifiq8DH 7PUGUw//S0SC2lJmp6tTNVubRojkwa1ppYTX/UXyJimhlpefU0mkxE4dRlqKzQP7 WA4VRAbKwCZMSoIMrsh+xAkk5noy70jKthNGRpWTi+YIVmxzxChmjbAjrueugiwJ CZWUyhshmbbFVIMB5agDx6OIvNm4J+eazERM8FHuqKFBkb2V4gcEuzsGd0LQa3BO EN0UYoU5vBDK7OaEYy7yYYTAcjQgLBW2A799ospesduvz9LY3R6ewenowAQAoxjF oxz426lRYkuOQ/cFNn1ejrBYBPadgDN4MkIiBmayU0fRqJHMBUZwjde4osJnHKz0 OKbVAlklfLExqtD3W5McOsNUbdncgLz/AL/gSE+Mi2SfK3gyE0ER5KF4ZaSfIBzM OeZm7jqkr+NORFf3BgoYmbzA4+J5UJ/FVN4aLoKQCLCYS8zq+lG1QNLSBkd3RWHW V3ieTzyI40SIVH/nFtPwxpcus0ckfrJkDqcEEpfFVadaenuw4QF6mW5ctdAOu1Zf DvluADw/kXnNRI4ENFMz5qctTQbCOCodmaA0jO46UekXFMpe/emOteA3yTMsIZXq C4WDFQDwaPqB6SRZoUw2l87bE3liHoS1mKKtb+YcPP0/MJLlU5N4YMLLHhaiz3DJ AV0gg/q7dGv0l2TJocWybRReTRhXuwVBaCCt9RKjjyUdD79vw0w= =dtpg -----END PGP SIGNATURE-----
