Jason Polakis

**Name of the Vulnerable Software and Affected Versions** macOS Monterey versions prior to 12.5 **Description** An information disclosure issue was addressed by removing the vulnerable code. This issue allows a website to track the websites a user visited in Safari private browsing mode. **Recommendations** For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue. As a temporary workaround, consider restricting the use of Safari private browsing mode until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 89.0.4389.72 **Description** The issue is related to side-channel information leakage in the autofill component of Google Chrome, which can be exploited by a remote attacker using a crafted HTML page to obtain potentially sensitive information from process memory. This is due to a use-after-free vulnerability in the autofill component. **Recommendations** For versions prior to 89.0.4389.72, update to version 89.0.4389.72 or later to resolve the issue. As a temporary workaround, consider disabling the autofill feature until a patch is available. Restrict access to sensitive information when using Google Chrome until the update is applied.