Apple launched late yesterday the new updates iOS 16.5, iPadOS 16.5, and macOS 13.4. These new versions included the functions already known and included in the betas for developers. However, there is a fact that we did not know and that is that the new versions fixed three important vulnerabilities, two of them solved with the security quick response iOS 16.4.1 (a). But another vulnerability is still active and it can only be solved if the devices are updated to the versions released yesterday.
Be sure to update your devices to fix vulnerabilities
A few days ago Apple released iPadOS and iOS 16.4.1 (a) and macOS 13.3.1 (a) as a security quick response, a new update mode. These updates allow include security patches without the need to start a tedious update process common. This allowed Apple to fix some of the active vulnerabilities that allowed hackers to access information without user control.
All the update notes of iOS 16.5, iPadOS 16.5 and macOS 13.4 were published just yesterday and were announced which vulnerabilities were fixed with the update. Among them, three vulnerabilities were found, two of them fixed in the previously mentioned rapid security response. In fact, one of them was still active after the update and it has been solved with iOS 16.5 and the rest of the updates. These two fixed security holes were related to web content processing that allowed the disclosure of sensitive information and arbitrary code execution.
It is a active WebKit vulnerability that allowed the hacker to break out of the web content sandbox. They were forwarded to Apple by Google's Threat Analysis Group and Amnesty International's Security Lab. The fixed solution went through improving the bounds checks to eliminate the vulnerability. remember