Apple patches two actively exploited security flaws with iOS 16.5.1 and more


Apple has released important security updates with the launch of iOS 16.5.1, macOS 13.4.1, and more today. These updates address critical security flaws that have been actively exploited. Users on the latest public software and older versions should update their devices immediately.

The key feature in iOS 16.5.1 is a fix for a bug related to the Lightning to USB Camera Adapter. Additionally, there are two crucial security patches included in the updates for most of Apple’s devices, including iPhone 6s and newer, modern iPads, Macs, and Apple Watches.

Two patches for exploited security flaws

The first patch addresses a vulnerability that allows an app to execute arbitrary code with kernel privileges, while the second patch fixes a WebKit flaw in which maliciously crafted web content could execute arbitrary code.

Apple has confirmed that both flaws have been actively exploited, underscoring the urgency of updating your devices promptly.
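For administrators who need to confirm that a fleet has actually picked up these fixes, here is an added check (not code from the article or from Apple) that compares installed versions against the two fix versions named on this page, iOS 16.5.1 and macOS 13.4.1. The inventory records and device names are constructed for illustration; platforms the page does not give a fix version for are skipped rather than guessed.

```python
from typing import Dict, List, Tuple

# Fix versions named on this page. Other platforms covered by "and more"
# are not enumerated in the article, so they are deliberately not listed.
PATCHED_VERSIONS: Dict[str, str] = {
    "iOS": "16.5.1",
    "macOS": "13.4.1",
}


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '16.5' or '16.5.1' into a numeric tuple padded to three parts,
    so that 13.10 correctly sorts above 13.4.1 (string compare would not)."""
    parts = tuple(int(p) for p in v.strip().split("."))
    return parts + (0,) * (3 - len(parts))


def is_patched(platform: str, version: str) -> bool:
    """True if the installed version is at or above the fix version.
    Raises KeyError for a platform this table does not cover."""
    return parse_version(version) >= parse_version(PATCHED_VERSIONS[platform])


def unpatched_devices(inventory: List[dict]) -> List[str]:
    """Names of devices still below the fix version for their platform.
    Platforms without a known fix version here are skipped, not reported."""
    flagged = []
    for dev in inventory:
        if dev["platform"] not in PATCHED_VERSIONS:
            continue  # e.g. watchOS: the page states no version number
        if not is_patched(dev["platform"], dev["version"]):
            flagged.append(dev["name"])
    return flagged


# Constructed sample inventory (hypothetical names and versions).
SAMPLE_INVENTORY = [
    {"name": "phone-01", "platform": "iOS", "version": "16.5"},
    {"name": "phone-02", "platform": "iOS", "version": "16.5.1"},
    {"name": "mac-01", "platform": "macOS", "version": "13.4"},
    {"name": "mac-02", "platform": "macOS", "version": "13.4.1"},
    {"name": "watch-01", "platform": "watchOS", "version": "9.5"},
]

if __name__ == "__main__":
    print(unpatched_devices(SAMPLE_INVENTORY))  # ['phone-01', 'mac-01']
```

On a Mac the installed version comes from `sw_vers -productVersion`; on managed iOS devices it comes from your MDM inventory export.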

Details of the security updates:

Kernel

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of reports indicating active exploitation of this issue on versions of iOS released before iOS 15.7.

Description: An integer overflow vulnerability was fixed with improved input validation.

CVE-2023-32434: Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky

WebKit

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of reports indicating active exploitation of this issue.

Description: A type confusion issue was addressed with improved checks.

WebKit Bugzilla: 256567
CVE-2023-32439: an anonymous researcher
