Apple has released many small updates for a variety of devices this week. While there aren’t any new features to speak of, iPhone, iPad, Mac, Apple Watch, HomePod, and Apple TV users should update now.
More importantly, the iOS 16.3.1, iPadOS 16.3.1, and macOS 13.2.1 updates all include the same WebKit security update that fixes a zero-day flaw known to have been used to hack iPhones, iPads and Mac:
Webkit
- Impact: Processing maliciously crafted web content may lead to the execution of arbitrary code Apple is aware of a report that this issue may have been actively exploited.
- Description: A type confusion issue was addressed through improved checks.
- WebKit Bugs: 251944/CVE-2023-23529: an anonymous researcher
Apple has not released details on how the flaw was exploited. This is the first zero-day flaw, defined as a newly discovered security vulnerability, which Apple patched this year. In addition to the WebKit fix, the iOS, iPadOS, and macOS updates also include a fix for a “use after release” issue that could allow an app to execute arbitrary code with kernel privileges.
The patch is for iPhone 8 and later, iPad Air (3rd gen) and later, iPad (5th gen) and later, iPad mini (5th gen) and later, MacBook Pro (2017 and later) , MacBook Air (2018 and later), MacBook (2017 and later), iMac (2017 and later), Mac mini (2018 and later), and Mac Studio. There’s also a new version 16.3 of Safari for Mac running macOS Big Sur and Monterey. Although the version is the same as the previous one, the build number will be updated to 167614.4.6.11.6 (Big Sur) and 177614.4.6.11.6 (Monterey).
A separate Big Sur update (11.7.4) for older Macs fixes a Safari issue where websites in the Favorites section of the start page lost their custom favicons and displayed generic gray icons instead.
Apple also released HomePod 16.3.2 and tvOS 16.3.2 updates for all models, following the 16.3.1 updates earlier this month. The HomePod update also fixes an issue where asking Siri for smart home requests can fail. WatchOS 9.3.1 has also been released for Apple Watch Series 4 and later with “important bug fixes and security updates”, although Apple has yet to release the specific CVE entries.
And finally, Apple pushed a firmware update for the MagSafe cable on the 2021 and 2023 MacBook Pro and MacBook Air M2 with unspecified fixes.
Here’s how to find the update on each of your devices:
iPhones and iPads: Go to the Settings app, then GeneralAnd Software update
upcoming macOS: Go to the System Settings app, then General And Software updatee.
macOS Big Sur or Monterey: Go to the System Preferences app, then Software update
Apple Watch: Go to the Watch app on your iPhone, then GeneralAnd Software update
AppleTV: Go to the Settings app, then GeneralAnd Update software
HomePod: Go to the Home app on your iPhone, then Home settingsAnd Software update
MagSafe cable: Plug it in, connect to your Mac and wait for the update to install