Apple released numerous small updates for a variety of devices this week. While there aren’t any notable new features, iPhone, iPad, Mac, Apple Watch, HomePod, and Apple TV users should update them immediately.
Most importantly, the iOS 16.3.1, iPadOS 16.3.1, and macOS 13.2.1 updates all include the same WebKit security update that fixes a zero-day bug known to have been used to hack iPhones, iPads, and Macs :
WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution Apple is aware of a report that this issue may have been actively exploited. Description: A type confusion issue was addressed with improved trials. WebKit Bugzilla: 251944/CVE-2023-23529: an anonymous researcher
Apple hasn’t released any details on how the flaw might have been exploited. It’s the first zero-day bug, defined as a recently discovered security vulnerability, that Apple fixed this year. In addition to the WebKit patch, the iOS, iPadOS, and macOS updates also contain a fix for a “use after free” issue that could allow an app to run arbitrary code with kernel privileges.
The patch applies to iPhone 8 and later, iPad Air (3rd generation) and later, iPad (5th generation) and later, iPad mini (5th generation) and later, MacBook Pro (2017 and later), MacBook Air (2018 and higher). ), MacBook (2017 and later), iMac (2017 and later), Mac mini (2018 and later), and Mac Studio. There is also a new version 16.3 of Safari for Macs running macOS Big Sur and Monterey. While the version is the same as the previous one, the build number is updated to 167614.4.6.11.6 (Big Sur) and 177614.4.6.11.6 (Monterey).
A separate Big Sur update (11.7.4) for older Macs fixes a Safari issue where websites in the Favorites section of the home page lost their custom favorites and displayed generic gray icons instead.
Apple also released HomePod 16.3.2 and tvOS 16.3.2 updates for all models after rolling out the 16.3.1 updates earlier this month. The HomePod update also fixes an issue where polling Siri for smart home requests might fail. WatchOS 9.3.1 was also released for Apple Watch Series 4 and later with “bug fixes and important security updates,” although Apple has yet to release the specific CVE entries.
Finally, Apple has released a firmware update for the MagSafe cable on the 2021 and 2023 MacBook Pro and MacBook Air M2 with unspecified fixes.
To find the update on each of your devices:
iPhone and iPad: Go to the Settings app, then General and Software Update.
macOS Ventura: Go to the System Preferences app, then General and Software Update.
macOS Big Sur or Monterey: Go to the System Preferences app, then Software Update
Apple Watch: Go to the Watch app on your iPhone, then General and Software Update.
Apple TV: Go to the Settings app, then General and Update Software.
HomePod: On your iPhone, go to the Home app, then Home Settings and Software Update
MagSafe Cable: Plug it in, connect it to your Mac and wait for the update to install
