CONFERENCE NOW LIVE: Threat Detection & Incident Response (TDIR) Summit - Join the Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

iOS Security Update Patches Exploited Vulnerability in Older iPhones

Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.

Apple this week announced fresh security updates for macOS and iOS, including patches that address an exploited vulnerability in older iPhone models.

The issue, tracked as CVE-2023-23529, was initially addressed as a zero-day in mid-February, with the release of iOS and iPadOS 16.3.1 and macOS Ventura 13.2.1. Apple credited an anonymous researcher for reporting the bug.

Impacting WebKit, the flaw can lead to arbitrary code execution during the processing of maliciously crafted web content and was addressed with improved checks.

“Apple is aware of a report that this issue may have been actively exploited,” the Cupertino-based tech giant notes in its advisory.

Patches for this vulnerability are included in iOS 15.7.4 and iPadOS 15.7.4, which are now rolling out to all iPhone 6s and iPhone 7 models, first-generation iPhone SE, iPad Air 2, fourth-gen iPad mini, and seventh-gen iPod touch.

The security update contains fixes for a total of 16 vulnerabilities that could lead to information leaks, memory write, arbitrary code execution, VPN server spoofing, and to the use of sensitive user data to perform certain actions.

This week, Apple also released security updates for the latest-generation iPhone and iPad models, to address a total of 33 vulnerabilities. Rolling out as iOS 16.4 and iPadOS 16.4, the platform updates also bring several user-experience enhancements.

Nearly 60 vulnerabilities were addressed with the release of macOS Ventura 13.3 this week. macOS Monterey 12.6.4 and Big Sur 11.7.5 were released with patches for over 25 vulnerabilities each.

Advertisement. Scroll to continue reading.

The tech giant also patched two vulnerabilities with the release of Safari 16.4, which is now available for macOS Big Sur and macOS Monterey users.

Security updates are also available for tvOS and watchOS, as well as for Studio Display firmware for macOS Ventura. Further information on the addressed vulnerabilities can be found on Apple’s support website.

Related: Apple Updates Advisories as Security Firm Discloses New Class of Vulnerabilities

Related: Apple Patches Exploited iOS Vulnerability in Old iPhones

Related: Apple Patches WebKit Code Execution in iPhones, MacBooks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.