While a fix emerged three weeks ago for the WebKit security bug affecting Apple products such as iPhone and Mac, Apple has yet to implement the fix. Researchers at the security firm Theori have found that WebKit mainly causes Safari to crash. However, following a re-check after the supplied fix, they discovered that the bug still remains on both iOS and MacOS.
“Patch-gapping” is the term for the time period between when a fix becomes available and the application of that fix to affected systems and products. In this case, Theori cautions Apple about waiting too long to make use of the fix for WebKit, lest attackers have more time and opportunity to compromise impacted systems.
