Apple released the new iOS 16.5, iPadOS 16.5 and macOS 13.4 updates late yesterday. These new versions included the functions already known and included in the betas for developers. However, there is one fact that we did not know and that is that the new versions fixed three important vulnerabilities, two of them have been resolved with iOS 16.4.1(a) security quick response. But another vulnerability is still active and this can only be fixed if the devices are updated to the versions released yesterday.
Make sure to update your devices to fix vulnerabilities
A few days ago, Apple released iPadOS and iOS 16.4.1(a) and macOS 13.3.1(a) as Security Rapid Response, a new update mode. These updates allow include security patches without having to start a tedious update process commmon. This allowed Apple to patch some of the active vulnerabilities that allowed hackers to access information without user control.
Related article:
iOS 16.5 now officially available: these are its news
iOS 16.5, iPadOS 16.5 and macOS 13.4 patch notes were released yesterday and revealed which vulnerabilities were fixed with the update. Among them, three vulnerabilities were found, two of which were fixed in the previously mentioned rapid security response. Actually, one of them was still active after the update and it was solved with iOS 16.5 and the rest of the updates. Both of these fixed security flaws were related to the processing of web content that allowed the disclosure of sensitive information and the execution of arbitrary code.
It’s a active WebKit vulnerability which allowed the hacker to break out of the web content sandbox. They were passed to Apple by Google’s Threat Analysis Group and Amnesty International’s Security Lab. The fixed solution was to improve the boundary checks to eliminate the vulnerability. remember