Oliver Haslam·

iOS 16.4.1, iPadOS 16.4.1, And macOS 13.3.1 All Fix Active Exploits

We’d suggest that everyone updates their iPhone, iPad, and Mac to the latest software after it was confirmed that those updates include huge security fixes.

As the release notes show, iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 all include important security fixes for exploits that have been actively exploited according to Apple.

The two vulnerabilities are now fixed, with Google’s Threat Analysis Group and Amnesty International’s Security Lab being credited for alerting Apple to the security threats.

In the case of IOSurfaceAccelerator vulnerability, Apple in one of its support document tells us:

Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved input validation.

For those still using macOS Monterey or macOS Big Sur, a new Safari 16.4.1 update has been released that is thought to have dealt with the WebKit vulnerability specifically. Of course iOS 16.4.1 and iPadOS 16.4.1 contain this fix as well.

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management.

We’d normally suggest that people install these updates anyway. But the news that they both involve fixes for actively exploited security flaws just drives home how important it can be to stay on top of software releases.

All of the new software updates are available for download now, for free, and can be found via the device’s Software Update mechanism.

You may also like to check out:

You can follow us on Twitter, or Instagram, and even like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple, and the Web.