Apple is aware of a report that this issue may have been actively exploited.ĭescription: A use-after-free issue was addressed with improved memory management. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. This issue was first addressed in Rapid Security Response iOS 16.4.1 (a) and iPadOS 16.4.1 (a). Apple is aware of a report that this issue may have been actively exploited.ĭescription: An out-of-bounds read was addressed with improved input validation. Apple security documents reference vulnerabilities by CVE-ID when possible. Recent releases are listed on the Apple security updates page. Impact: Processing web content may disclose sensitive information. Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it said has been actively exploited in the wild. For our customers protection, Apple doesnt disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Apple is aware of a report that this issue may have been actively exploited.ĭescription: The issue was addressed with improved bounds checks.ĬVE-2023-32409: Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab Impact: A remote attacker may be able to break out of Web Content sandbox. Note: fixes for the second and third flaws were first made available with Rapid Security Response with iOS 16.4.1(a) on May 1.Īvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later Here are the three WebKit security patches that fix what are believed to be actively exploited flaws: While iOS had the most at 39, macOS with Safari 16.5, watchOS 9.5, and tvOS 16.5 also include important security updates. So even though there aren’t a lot of new features with the latest updates, they’re important to install.įor iOS, the security updates include patches for everything from kernel to CoreServices, Photos to Sandbox, Siri and Shortcuts, and System Settings to Weather, WiFi, and WebKit. Apple shared the latest vulnerability fixes on its security updates page. There are 39 vulnerabilities addressed in the latest iOS update and Apple notes that three of them were reported as actively exploited.Īpple shared the latest vulnerability fixes on its security updates page. iPhone or iPad: Go to Settings > General > Software Update > Automatic Updates, then make sure that Security Responses & System Files is. On Big Sur, Safari needs to be updated to version 16612.4.9.1.8, and on Catalina, version 15612.4.9.1.8.Included with iOS 16.5 comes a variety of important security fixes. If you've got a Mac, you'll also need to update macOS Monterey to version 12.2.1, and Safari on the two previous versions of macOS. On a less serious note, the update also fixes an issue that might have caused Braille displays to “stop working.” While that fix will only affect a relatively small group of people, it’s still important. It’s a great opportunity to do that work you’ve been procrastinating on since yesterday. So be sure to plug your phone into a power supply, especially if you’re under 50% power, and find something else to occupy yourself with in the meantime. It may take a while to sort out, depending on when you last updated your device. Both my devices were set up that way, but I still had to toggle the update manually. It’s worth checking even if you have automatic updates activated. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. One restarted, your device will confirm the update was successful, leaving you to go about your day. Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. Make sure your device has at least 50% of its battery, or is plugged into a power supply, otherwise the option will be grayed out.ħ. Enter your passcode and agree to any terms and conditions that pop upĥ.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |