After releasing iOS 16.6.1 for iPhone customers this afternoon, Apple has additionally now revealed full particulars on the safety fixes induced within the replace. Apple says that iOS 16.1.1 patches two key safety vulnerabilities, each of which “could have been actively exploited.”
The primary repair in iOS 16.6.1 pertains to Picture I/O, which is Apple’s framework that permits apps to learn and write most picture file codecs and entry a picture’s metadata. Apple shared the next particulars on this vulnerability and the repair:
- Impression: Processing a maliciously crafted picture could result in arbitrary code execution. Apple is conscious of a report that this subject could have been actively exploited.
- Description: A buffer overflow subject was addressed with improved reminiscence dealing with.
- CVE-2023-41064: The Citizen Lab at The College of Torontoʼs Munk Faculty
The second vulnerability patched in iOS 16.6.1 affected the Apple Pockets app:
- Impression: A maliciously crafted attachment could lead to arbitrary code execution. Apple is conscious of a report that this subject could have been actively exploited.
- Description: A validation subject was addressed with improved logic.
- CVE-2023-41061: Apple
The Picture I/O bug was additionally patched with at this time’s launch of macOS Ventura 13.5.2, however macOS was unaffected by the Pockets vulnerability. For Apple Watch customers, watchOS 9.6.2 addresses the Apple Pockets bug, however the platform was unaffected by the Picture I/O bug.
With these vital safety fixes, we suggest updating your iPhone, iPad, Mac, and Apple Watch units to the most recent variations of their working methods as quickly as doable.
Comply with Likelihood: Threads, Twitter, Instagram, and Mastodon.
FTC: We use revenue incomes auto affiliate hyperlinks. Extra.
