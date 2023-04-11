Apple has made iOS 16.4.1 available to all compatible devices, including the iPhone 8 and newer models.

The update addresses two flaws discovered in the previous software, iOS 16.4, which was released at the end of last month.

These were also visible in older versions of Mac and iPad software, so Apple released updates for macOS Ventura 13.3.1 and iPadOS 16.4.1.

According to Apple, both security flaws could have allowed hackers to infiltrate the device and “execute arbitrary code.”

If you own an iPhone, you should install the most recent software update as soon as possible because your device may be vulnerable to attack. (stock image)

This means they could execute any code they desired on a specific device without the owner’s knowledge.

This code could allow them to access private data, gain control of the device’s functionality, and install malware.

It may even allow them to take control of other devices connected to the same network or internet as the original.

The flaws, known as CVE-2023-28206 and CVE-2023-28205, are referred to as ‘zero-day’ flaws because they were unknown to Apple when the software was deployed.

It also means that devices running that software were vulnerable to attack because the tech behemoth had not issued a patch or security update to address the issue.

Apple acknowledged that CVE-2023-28206 and CVE-2023-28205 “may have been actively exploited” prior to the release of iOS 16.4.1, macOS Ventura 13.3.1, and iPadOS 16.4.1.

The CVE-2023-28206 vulnerability was a ‘out-of-bounds write issue’ in the IOSurfaceAccelerator, a component of the software that manages pixel data.

This means that a portion of the memory was storing too much data and began storing it in the incorrect location, which can cause problems.

Clément Lecigne of Google’s Threat Analysis Group and Donncha Cearbhaill of Amnesty International’s Security Lab discovered the flaws.



This means that a programme is attempting to use or access something that was previously stored in memory but has since been freed.

HOW TO UPGRADE

Apple has released iOS 16.4.1, which promises to fix the two security flaws, CVE-2023-28206 and CVE-2023-28205.

Go to Settings > General to get the update.

Select Software Update.

Then, for iOS 16.4.1, select Download and Install.

According to BleepingComputer, Apple typically uses these research groups to identify government-sponsored threat actors.

As a result, these were only likely to be used in ‘highly targeted attacks’ on politicians, journalists, and other high-risk individuals.

Both of these issues have been addressed in the iOS 16.4.1 update, as have bugs that caused Siri not to respond to commands and prevented the skin tone variation options for the pushing hands emoji from being available.

The most recent software update, iOS 16.4, added a slew of new features, including 21 new emoji to the keyboard.

This includes the much-anticipated pink heart icon, as well as a moose, stem ginger, the Wi-Fi symbol, and a pair of maracas.

Some iOS 16.4 users have complained that a system bug is rapidly draining their device’s battery life.

Last week, iPhone users all over the world were unable to access live forecasts on the Apple Weather app, which some also associated with their new operating system.

