Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Apple releases iOS 16.5, iPadOS 16.5, macOS 13.4 updates to fix 3 actively exploited
#1
Information 
Quote:[Image: Apple-releases-iOS-16.5-iPadOS-16.5-macO...issues.jpg]

Apple has released iOS 16.5, iPadOS 16.5, macOS 13.4 after an extensive period of beta tests and release candidates. The updates address 3 actively exploited security issues in the operating systems.

Apple patches 3 critical security issues in iOS, iPadOS and macOS

iOS 16.5, iPadOS 16.5, macOS 13.4 ship with over 3 dozen security fixes. Apple has acknowledged that it is aware that three security issues were actively being exploited by attackers, so we'll focus on those here.

All three vulnerabilities are related to WebKit, which is the engine that powers Apple Safari, and is also used for web apps. The first issue, tracked under CVE-2023-32373, could have allowed malicious web pages to execute remote code. The bug was addressed with improved memory management.

CVE-2023-28204 is the tracking ID for the 2nd security issue. This was an out-of-bounds read bug that may have allowed web content to disclose sensitive information. It was patched by improving the input validation.

The above two issues were already patched in the Rapid Security Response update in iOS 16.4.1 (a), iPadOS 16.4.1 (a), and macOS 13.3.1 (a), that the Cupertino company released earlier this month.

The latest update for iPhones, iPads, and Mac fixes the third security vulnerability, CVE-2023-32409, which was reported by Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab, could let a remote attacker break out of Web Content sandbox. The release notes say that the issue was addressed with improved bounds checks.

Safari 16.5, macOS Big Sur 11.7.7 and macOS Monterey 12.6.6

The Safari 16.5 update is rolling out for macOS Big Sur and macOS Monterey to fix the above-mentioned security issues, and 2 other vulnerabilities in its web browser. macOS Big Sur 11.7.7 and macOS Monterey 12.6.6 are also available for download, and they include more security fixes.

Users can install the updates from the Settings > General > Software Update. It is advisable to install the security updates as soon as possible.

What's new in iOS 16.5 and macOS 13.4

The iOS 16.5, iPadOS 16.5, macOS 13.4 introduce a new feature, and a fix a couple of non-security bugs.

[Image: iOS-16.5-update-released.jpg]

Apple News gets a Sports Tab

The Apple News app on iOS now has a Sports tab at the bottom of the screen which you can use to read stories, get the latest scores, view the standings for the teams and leagues that you follow. It also has two new cards: My Sports score and schedule, that you can tap to find more details about the games. The new Sports section is available on the app's sidebar on Mac.

[Image: Apple-News-app-gets-a-Sports-Tab.jpg]

Screen Time settings should no longer reset, and will sync correctly across all of your devices. Apple says it has patched a bug related to Spotlight on iOS becoming unresponsive. Podcasts in CarPlay should now load content properly.

[Image: macOS-Ventura-13.4-update.jpg]

The macOS 13.4 Ventura update fixes an issue in that was causing Bluetooth keyboards to connect slowly after restarting. Apple says it has patched an issue with Apple Watch's Auto Unlock feature that was not logging the user into their Mac. VoiceOver should now work with navigating to landmarks on webpages.

The iOS 16.5, iPadOS 16.5, and macOS 13.4 updates bring a new Pride wallpaper with rainbow colors. Apple has also released tvOS 16.5 with MultiView for Apple TV 4K", and watchOS 9.5 for eligible devices.
...
Continue Reading
Reply


Messages In This Thread
Apple releases iOS 16.5, iPadOS 16.5, macOS 13.4 updates to fix 3 actively exploited - by harlan4096 - 19 May 23, 10:15

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06
FastCopy 5.7.5
FastCopy 5.7.5: ...harlan4096 — 10:04

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>