A security vulnerability in WebKit could allow attackers to remotely execute code through malicious web pages. The issue has been referenced as CVE-2023-23529 a report by Ghacks.net has said.
Apple states that the security flaw may have been actively exploited by hackers. It fixed the problem by addressing a type of confusion issue with improved checks.
The release notes for Safari 16.3.1 mentions that the vulnerability has also been patched in macOS Big Sur and macOS Monterey. You can update to the latest version of the browser from the System Preferences page on your Mac.
A second security bug in iOS 16.3.1, iPadOS 16.3.1 and macOS 13.2.1 was related to the Kernel in the operating systems. Hackers could use an app with kernel privileges to execute arbitrary code. The issue, which was discovered by Google Project Zero’s Ned Williamson and Xinru Chi of Pangu Lab, has been tracked as CVE-2023-23514. It’s funny how Pangu went from jailbreaking iOS to reporting vulnerabilities that could have been exploited for the same. The zero-day vulnerability was patched by improving the memory management of the OS. Apple has credited The Citizen Lab at The University of Toronto’s Munk School for assisting them with fixing the security loopholes.
macOS Ventura 13.2.1 has a third security patch, this time for the Shortcuts app, a bug found in it could have allowed apps to observe unprotected data. The flaw which is tracked as CVE-2023-23522 was reported by Wenchao Li and Xiaolong Bai of Alibaba Group. Apple improved the handling of temporary files to address the privacy issue.
The iOS 16.3.1 update is available for the iPhone 8 and later. The iPadOS 16.3.1 update has been released for the iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
iOS 16.3.1 fixes an issue with the iCloud Settings, which could stop responding or not display correctly if apps were using iCloud. This likely address the complaints from users being unable to use iCloud Backups too. Apple has patched Siri requests for the Find My feature. The update includes crash Detection optimizations on iPhone 14 and iPhone 14 Pro models. It is unclear what exactly has been fixed, but there have been numerous problems since the feature debuted, the most common complaint was false reports when users were skiing or were on a roller coaster, etc.
Contact: [email protected]