Security News > 2023 > March > Apple Issues Urgent Security Update for Older iOS and iPadOS Models
Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models.
The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution.
It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023.
"Processing maliciously crafted web content may lead to arbitrary code execution," Apple said in a new advisory, adding it's "Aware of a report that this issue may have been actively exploited."
The update is available in versions iOS 15.7.4 and iPadOS 15.7.4 for iPhone 6s, iPhone 7, iPhone SE, iPad Air 2, iPad mini, and iPod touch.
The disclosure comes as Apple rolled out iOS 16.4, iPadOS 16.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, tvOS 16.4, and watchOS 9.4 with numerous bug fixes.
News URL
https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones (source)
- iOS 18 added secret and smart security feature that reboots iThings after three days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-27 | CVE-2023-23529 | Type Confusion vulnerability in Apple products A type confusion issue was addressed with improved checks. | 8.8 |