Apple fixes 0-day kernel and WebKit security flaws in iOS, macOS, watchOS, and more
Enlarge (credit: Apple)
Apple has released new minor updates for iOS 16, macOS 13 Ventura, and most of its other actively supported operating systems that fix a pair of serious security bugs that the company says "may have been actively exploited." You should install the iOS and iPadOS 16.5.1, macOS 13.4.1, and watchOS 9.5.2 updates at your earliest convenience, if you haven't already.
One of the vulnerabilities, CVE-2023-32434, is a kernel-level flaw that can allow apps to "execute arbitrary code with kernel privileges." The other, a WebKit bug labeled CVE-2023-32439, can allow the execution of arbitrary code after processing "maliciously crafted web content."
The iOS and iPadOS 16.5.1 updates also fix a non-security bug "that prevents charging with the Lightning to USB 3 Camera Adapter."