Modern web browsers are complicated, which opens them up to more potential security problems. Apple has now released updates to patch a flaw in Safari that allowed web pages to execute code on the device.
Apple just released system updates for iPhones, iPads, and Macs, all of which include a fix for a flaw in Safari’s webkit engine. The updates have version numbers of iOS 16.4.1, iPadOS 16.4.1, and macOS Ventura 13.3.1, respectively. Apple hasn’t disclosed details about the security vulnerability, except that it allows “maliciously crafted web content” to run arbitrary code on the device as if a native application was running.
Unfortunately, this is also a zero-day vulnerability — Apple says it is “aware of a report that this issue may have been actively exploited.” For Mac computers not updated to Ventura, Safari 16.4.1 is rolling out to macOS Big Sur and Monterey with the same fix.
The updates for macOS Ventura, iOS 16, and iPadOS 16 also include a fix for another security vulnerability in IOSurfaceAccelerator, a system framework. That flaw allows for arbitrary code execution with the same provides as kernel code. Apple says that flaw may also be in use already in the wild.
You can download the new OS updates from the Settings app on your iPhone, iPad, or Mac. Perhaps, one of these days, Apple will figure out how to update Safari without a full operating system upgrade.
Source: Apple (iOS/iPadOS, macOS, Safari)
- › What Is a Rapid Security Response on iPhone, iPad, or Mac?
- › Get These Early Father’s Day Tech Deals Before They’re Gone
- › Google Drive Is Ending Support for Older Windows PCs
- › Will macOS 14 Sonoma Run on My MacBook or Desktop Mac?
- › The ChatGPT App for iPhone Just Got an Upgrade
- › The Apple Vision Pro’s Price Isn’t As Crazy At It Seems
- › Windows 11 Is Trying to Unify RGB Device Settings