Apple introduces security updates for iOS, iPadOS and macOS. The update fixes critical vulnerabilities in the kernel and WebKit.
A first vulnerability is CVE-2023-32434 and affects the kernel of the operating system. The vulnerability can be: integer overflow This will result in an input number being out of memory range and causing a short circuit. This allows hackers to run arbitrary code with kernel privileges.
Zeroday number two, called CVE-2023-32439, causes excitement again type confusion in WebKit. A vulnerability in WebKit is almost always a reason for Apple to report, since WebKit is the underlying engine of the Safari browser. Apple also warns that both CVE-2023-32439 and CVE-2023-32434 have been actively exploited. For more information, see the release notes released by Apple.
Update now
Fortunately, Apple is quick to put out the fire. Apple last night released update files for iOS 16.5.1 and iPadOS 16.5.1 to close the vulnerability on supported iPhones and iPads. The patch is also available from version 15.7.7. macOS users are recommended to install version 13.4.1, version 12.6.7 and version 11.7.8 are also safe.
Of course, it is best to update your Apple products to one of the above versions today. Apple has been trying to roll out security updates for its various software packages more quickly since January. For the time being, this promise has been fulfilled.