TECH

Update your iPhone, iPad and Mac today because there are fixes for active exploits inside.

on Leave a Comment on Update your iPhone, iPad and Mac today because there are fixes for active exploits inside.

Apple releases new security patches

   

AppleInsider may earn affiliate commissions for purchases made through links on our site.

New Ventura patches for iOS, iPadOS and macOS released on Friday address two security issues, one of which appears to have been hacked.

On Friday, the company released updates for iOS 16.4.1 and macOS Ventura 13.3.1. They fixed the Apple Watch auto-unlock feature on Mac and the Siri response issue.

Next, as is usually the case with new Apple releases, the company has also updated its web page for security updates. Both releases contain the same security fixes, discovered by Clement Lesin of the Google Threat Intelligence Team and Donncha O Cearbhale of the Amnesty International Security Lab.

Patches for iOS & macOS

Users can update their operating systems by selecting Settings > General > Update software on their iPhone and Mac.

IOSurfaceAccelerator

  • Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
  • Impact. An application can execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved input validation.
  • CVE-2023-28206: Clement Lesin of the Google Threat Intelligence Team and Donncha O Kirbhale of the Amnesty International Security Lab.

WebKit

  • Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5 5th generation and later, and iPad mini 5th generation and later.
  • Impact. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An after-free use issue was addressed with improved memory management.
  • < strong>CVE-2023-28205: Clement Lesin of the Google Threat Intelligence Team and Donncha O Kirbhale of the Amnesty International Security Lab.

You may also like...

Popular Posts

Leave a Reply

Your email address will not be published. Required fields are marked *