iPhone Users Urged to Update to iOS 16.3.1 Due to Security Flaws
Apple has released iOS 16.3.1, a security update that addresses two vulnerabilities, one of which is currently being exploited by cybercriminals. In response to this, the technology giant has urged all iPhone users to update their devices immediately.
Although Apple has provided limited information regarding the fixes included in iOS 16.3.1, the company has revealed that one of the flaws relates to WebKit, the engine that underpins its Safari browser. This flaw, which is being tracked as CVE-2023-23529, allows attackers to execute code on an iPhone. Apple is aware of the potential for this issue to be actively exploited.
Another serious security flaw in the Kernel, the core component of the iPhone's operating system, has also been addressed in iOS 16.3.1. Tracked as CVE-2023-23514, this vulnerability allows an attacker to execute arbitrary code with Kernel privileges via an app. Although there are no reports of this flaw being used in attacks, Apple has advised users to update as a precaution.
This update comes shortly after the release of iOS 16.3, which addressed 13 security flaws, including three affecting WebKit. Apple typically provides limited details about security vulnerabilities to prevent attackers from exploiting them before users have the chance to update their devices.