A vulnerability in WebKit could allow attackers to remotely execute code via malicious websites. According to a report by Ghacks.net, the issue has been dubbed CVE-2023-23529.
Apple states that the vulnerability may have been actively exploited by hackers. The issue was addressed by fixing some sort of confusion issue with improved reviews.
The release notes for Safari 16.3.1 mention that the vulnerability has also been patched in macOS Big Sur and macOS Monterey. You can update to the latest version of the browser from the System Preferences page on your Mac.
A second security flaw in iOS 16.3.1, iPadOS 16.3.1 and macOS 13.2.1 related to the kernel in the operating systems. Hackers could use an app with kernel privileges to run arbitrary code. Discovered by Google Project Zero’s Ned Williamson and Pangu Lab’s Xinru Chi, the issue was tracked as CVE-2023-23514. It’s funny how Pangu went from jailbreaking iOS to reporting vulnerabilities that could have been exploited for the same thing. The zero-day vulnerability was patched by improving the operating system’s memory management. Apple has credited the Citizen Lab at the University of Toronto’s Munk School with helping fix the vulnerabilities.
macOS Ventura 13.2.1 has a third security patch, this time for the Shortcuts app, a bug found in it may have allowed apps to observe unprotected data. The bug traced as CVE-2023-23522 was reported by Alibaba Group’s Wenchao Li and Xiaolong Bai. Apple has improved the handling of temporary files to solve the privacy problem.
iOS 16.3.1 update is available for iPhone 8 and later. The iPadOS 16.3.1 update was released for the iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
iOS 16.3.1 fixes an issue with iCloud settings that might stop responding or display incorrectly when apps use iCloud. This likely addresses the complaints from users who also can’t use iCloud backups. Apple has patched Siri requests for the Find My feature. The update includes improvements for crash detection on the iPhone 14 and iPhone 14 Pro models. It’s unclear exactly what was fixed, but there have been numerous issues since the feature was launched, the most common complaint being false reports when users were skiing or on a roller coaster, etc.
All rights reserved. No part of this material or any other digital content on this site may be reproduced, published, transmitted, transcribed or redistributed without the prior express written permission of PUNCH.
Contact: [email protected]