Apple today released iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 for the iPhone, iPad, and Mac, respectively, and it’s a good idea to install them as soon as you can because all three updates include important security fixes.
According to Apple’s security support documents for iOS and macOS, the new software includes fixes for two separate vulnerabilities, both of which were known by Apple to have been actively exploited in the wild.
The IOSurfaceAccelerator vulnerability could allow an app to execute arbitrary code with kernel privileges. Apple addressed the out-of-bounds write issue with improved input validation. The WebKit vulnerability could allow maliciously crafted web content to execute code. Apple fixed this issue with improved memory management.
Google’s Threat Analysis Group and Amnesty International’s Security Lab are credited with finding and reporting both issues to Apple.
Apple has also released a new Safari 16.4.1 update for macOS Monterey and macOS Big Sur, which likely addresses the WebKit vulnerability.
This article, “iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 Fix Actively Exploited Vulnerabilities” first appeared on MacRumors.com
Discuss this article in our forums