Apple Updates iPhone, iPad And Mac Over 'Actively Exploited' Security Loophole
Apple has released a suite of software updates for the iPhone, iPad, and macOS, seeding bug fixes and boosting the security across its lineup of products. The changelogs might not look feature-loaded or exciting by any stretch of the imagination, but if you own any of the aforesaid class of Apple devices, you might want to install the iOS 16.3.1, iPadOS 16.3.1, and the macOS Ventura 13.2.1 updates right away. That's because each update fixes a critical vulnerability that has been exploited in the wild.
Reported by an anonymous researcher and labeled CVE-2023-23529, Apple says that it is aware of an incident where the flaw was "actively exploited." The vulnerability affects WebKit, the browser engine developed by Apple that powers its Safari web browser. Talking about the risks, Apple's support page mentions that it could allow a bad actor to write malicious code and remotely execute it. Also known as remote code execution, this technique can allow a hacker to remotely wreak all forms of havoc ranging from installing malware and stealing sensitive data to service denial, cryptojacking, and ransomware attacks.
How to get Apple's security updates
Apple hasn't detailed the extent to which the vulnerability was exploited, but it'd be a good idea to install the security patches as soon as possible. In addition to fixing security vulnerabilities, iOS 16.3.1 also resolves an iCloud bug that caused the cloud service's settings to become unresponsive. An issue that broke Siri requests for the Find My network has also been addressed. Apple has fine-tuned the Crash Detection system for the iPhone 14 quartet. In order to download iOS 16.3.1 and iPadOS 16.3.1 updates on your compatible device, follow this path: Settings > General > Software Update.
Coming to the macOS Ventura 13.2.1 update, Apple only mentions "important bug fixes" but doesn't specify what exactly those refinements are. The update has started rolling out and you can check for its availability on your Mac by tracing these steps: Settings > General > Software Update. On the security side of things, however, Apple has fixed two software flaws in macOS that could allow remote code execution, while the third vulnerability could allow an app to monitor unprotected user data.