https://www.zdnet.com/article/its-time-to-update-all-of-your-apple-devices-again-heres-why/
It's time to update all of your Apple devices again based on new bugs found by many independent security researchers.
Apple just released iOS 16.4 with over 30 security fixes iPhone, alongside updates for Mac, iPad and more.
Today Apple released iOS 16.4, iPadOS 16.4, MacOS 13.3, WatchOS 9.4, tvOS 16.4, and HomePod software version 16.4.
Perhaps most importantly, there's a long list of security fixes included in Monday's updates.
Apple's security site was updated shortly after the new software was released, detailing over 30 security issues that were fixed for the iPhone and iPad alone.
https://www.macworld.com/article/1481562/ios-16-4-release-features-emoji-install.html
iOS 16.4 includes more than 30 security updates, including several that could be deemed high-risk, all found by independent security researchers.
Among the flaws patched:
Calendar
Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
Description: Multiple validation issues were addressed with improved input sanitization.
CVE-2023-27961: Found by Rąza Sabuncu (@rizasabuncu)
Find My
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-23537: Found by an anonymous researcher
WebKit
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information. CVE-2023-27954: Found by an anonymous researcher
https://support.apple.com/en-us/HT213673
About the security content of iOS 15.7.4 and iPadOS 15.7.4
Released March 27, 2023
Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to access information about a user's contacts Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-23541: Found by Csaba Fitzl (@theevilbit) of Offensive Security
Calendar
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
Description: Multiple validation issues were addressed with improved input sanitization.
CVE-2023-27961: Found by Riza Sabuncu (@rizasabuncu)
Camera
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: A sandboxed app may be able to determine which app is currently using the camera
Description: The issue was addressed with additional restrictions on the observability of app states.
CVE-2023-23543: Found by Yigit Can YILMAZ (@yilmazcanyigit)
CommCenter
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2023-27936: Found by Tingting Yin of Tsinghua University
Find My
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-23537: Found by an anonymous researcher
FontParser
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling. CVE-2023-27956: Found by Ye Zhang of Baidu Security
Identity Services
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to access information about a user's contacts Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-27928: Found by Csaba Fitzl (@theevilbit) of Offensive Security
ImageIO
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2023-27946: Found by Mickey Jin (@patch1t)
ImageIO
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling. CVE-2023-23535: Found by ryuzaki
Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to disclose kernel memory
Description: A validation issue was addressed with improved input sanitization. CVE-2023-27941: Found by Arsenii Kostromin (0x3c3e)
Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management.
CVE-2023-27969: Found by Adam Doupe of ASU SEFCOM
Model I/O
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2023-27949: Found by Mickey Jin (@patch1t)
NetworkExtension
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device
Description: The issue was addressed with improved authentication. CVE-2023-28182: Found by Zhuowei Zhang
Shortcuts
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: The issue was addressed with additional permissions checks. CVE-2023-27963: Found by Jubaer Alnazi Jabin of TRS Group Of Companies, and Wenchao Li and Xiaolong Bai of Alibaba Group
WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information.
WebKit Bugzilla: 250837
CVE-2023-27954: Found by an anonymous researcher
WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 251944
CVE-2023-23529: Found by an anonymous researcher
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)