Apple releases iOS 16.1.1 to close two major security vulnerabilities

Apple released the iOS 16.6.1 update this afternoon, along with details about the security fixes included in the update.

Apple says so iOS 16.1.1 fixes two important security vulnerabilitieswhere both “It may have been actively exploited.”

The first fix in iOS 16.6.1 affects Image I/O, Apple’s system that allows apps to read and write most image file formats and access an image’s metadata.

Apple shared the following details about this vulnerability and the fix:

  • Impact: Processing a maliciously crafted image may result in arbitrary code execution. Apple is aware of a report indicating that this issue may have been actively exploited.
  • Description: A buffer overflow issue has been addressed through improved memory management.
  • CVE-2023-41064: The Citizen Lab at the Munk School at the University of Toronto

The second vulnerability patched in iOS 16.6.1 affected the Apple Wallet application:

  • Impact: A malicious attachment may result in arbitrary code execution. Apple is aware that this issue may have been actively exploited.
  • Description: A validation issue has been resolved with improved logic.
  • CVE-2023-41061: Apple

The image I/O flaw was also fixed with today’s release of macOS Ventura 13.5.2, but macOS was not affected by the wallet vulnerability. For Apple Watch users, watchOS 9.6.2 fixes the Apple Wallet bug, but the platform is not affected by the image I/O bug.

With these important security fixes We recommend updating your iPhone, iPad, Mac, and Apple Watch devices to the latest versions of their operating systems as soon as possible.

Recent Articles

Related News

Leave A Reply

Please enter your comment!
Please enter your name here