Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



iOS Security Update Patches Exploited Vulnerability in Older iPhones

Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.

Apple this week announced fresh security updates for macOS and iOS, including patches that address an exploited vulnerability in older iPhone models.

The issue, tracked as CVE-2023-23529, was initially addressed as a zero-day in mid-February, with the release of iOS and iPadOS 16.3.1 and macOS Ventura 13.2.1. Apple credited an anonymous researcher for reporting the bug.

Impacting WebKit, the flaw can lead to arbitrary code execution during the processing of maliciously crafted web content and was addressed with improved checks.

“Apple is aware of a report that this issue may have been actively exploited,” the Cupertino-based tech giant notes in its advisory.

Patches for this vulnerability are included in iOS 15.7.4 and iPadOS 15.7.4, which are now rolling out to all iPhone 6s and iPhone 7 models, first-generation iPhone SE, iPad Air 2, fourth-gen iPad mini, and seventh-gen iPod touch.

The security update contains fixes for a total of 16 vulnerabilities that could lead to information leaks, memory write, arbitrary code execution, VPN server spoofing, and to the use of sensitive user data to perform certain actions.

This week, Apple also released security updates for the latest-generation iPhone and iPad models, to address a total of 33 vulnerabilities. Rolling out as iOS 16.4 and iPadOS 16.4, the platform updates also bring several user-experience enhancements.

Advertisement. Scroll to continue reading.

Nearly 60 vulnerabilities were addressed with the release of macOS Ventura 13.3 this week. macOS Monterey 12.6.4 and Big Sur 11.7.5 were released with patches for over 25 vulnerabilities each.

The tech giant also patched two vulnerabilities with the release of Safari 16.4, which is now available for macOS Big Sur and macOS Monterey users.

Security updates are also available for tvOS and watchOS, as well as for Studio Display firmware for macOS Ventura. Further information on the addressed vulnerabilities can be found on Apple’s support website.

Related: Apple Updates Advisories as Security Firm Discloses New Class of Vulnerabilities

Related: Apple Patches Exploited iOS Vulnerability in Old iPhones

Related: Apple Patches WebKit Code Execution in iPhones, MacBooks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.