There are plenty of reasons to update your iPhone to iOS 16. You can customize your Lock Screen to be anything you want, edit and undo iMessages, and even see your iPhone’s battery percentage again. While those new features and changes are worth updating for, none are as pressing as the latest security update.
Apple latest suite of updates patch a handful of security vulnerabilities: The latest iPhone and iPad updates patch 11 such flaws, while the latest Mac updates patches eight for macOS Monterey and 10 for macOS Big Sur.
Normally, security vulnerabilities are concerning but not as urgent, because Apple and third-parties are the only ones who know about the flaws, or, at the very least, know how they can be exploited. While it’s important to update quickly, it often isn’t a do-or-die moment. However, as it turns out, one of these flaws is a zero-day with a known exploit in the wild. As Apple says, the company “is aware of a report that this issue may have been actively exploited. If true, that means someone out there knows how to use this vulnerability against you, potentially putting your iPhone, iPad, and Mac at risk.
The vulnerability in question is identified as CVE-2022-32917, and allows bad actors to execute arbitrary code with kernel privileges. In short, malicious users could run whatever code they like on your system, taking control of the device entirely. That situation means it’s essential you update your devices as soon as possible.
Which Apple devices received security updates?
Well, in short, all of them. Apple issued updates for iPhones, iPads, Macs, Apple Watches, and Apple TVs, even if those devices don’t support the latest updates. For example, for iPhones that aren’t eligible for iOS 16, there’s iOS 15.7, which includes all the same patches found in Apple’s brand-new update. However, it isn’t clear whether the tvOS and watchOS security updates include a patch for the vulnerability, or if those devices are affected by the vulnerability in the first place.
You can find the changelogs for the following security updates below:
[The Hacker News]
Read the full article here