Don’t have iOS 16.3? Apple tells you what you risk. The update to iOS 16.3.1 / iPaOS 16.3.1 includes, as usual, important bug fixes and security improvements.
Apple Music: how to switch from Individual to Family plan, and vice versa?
In a document on Apple’s support site, vulnerabilities fixed with the latest updates are indicated, reporting solutions for potential problems that could affect Kernel and WebKit.
In particular – reports Apple – a problem that could allow an app to execute arbitrary code with kernel privileges has been resolved, solved through better memory management.
The problem with WebKit (the “engine” of Safari) could allow the execution of arbitrary code, fixed through better controls.
The latest vulnerabilities “remediated” by Apple are tagged in dedicated databases with the identifiers CVE-2023-23529, CVE-2023-23514 and CVE-2023-23522. The types of risk are: Information Disclosure, Privilege Escalation and Remote Code Execution.
Apple reports that the vulnerability labeled as CVE-2023-23529 appears to be actively exploited on the network.
If you haven’t already done so, it is recommended that you patch by installing updates as soon as possible.