iOS 16

iOS 16.4.1 fixes two security vulnerabilities

iOS 16.4.1 update is now available for iPhone 8 and newer models

Apple has released iOS 16.4.1 with a warning that users should update immediately, because iOS 16.4.1 fixes two security vulnerabilities—both of which are being used in real-life attacks.

It should be stressed that both vulnerabilities fixed in iOS 16.4.1 are extremely serious. While it’s impossible to know the details of the attacks and who they target, Apple has issued this update on a weekend, which is very rare.

Apple usually reserves important updates for Mondays or Tuesdays, so the company must have decided the iOS 16.4.1 upgrade was too important to delay, especially as it comes only just over a week after the release of iOS 16.4.

The iOS 16.4.1 update also fixes some minor bugs, specifically one where the pushing hands emoji does not show skin tone variations.

In addition, iOS 16.4.1 fixes an issue where Siri wasn’t responding in some cases.

iOS 16.4.1 Security Fixes

iOS 16.4.1 fixes two security issues. The first is an already-exploited flaw in WebKit, the engine that powers Apple’s Safari browser, that could allow an attacker to execute code on your device.

The second flaw fixed in iOS 16.4.1, CVE-2023-28206, is an issue in IOSurfaceAccelerator that could enable an app to execute arbitrary code with kernel privileges.

In both cases, Apple says it is aware of a report that the issue may have been actively exploited.

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management.

IOSurfaceAccelerator

Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved input validation.

iOS 16.4.1 Supported Devices

iOS 16.4.1 will run on all iPhones from iPhone 8 onwards. To be exact:

  • iPhone 14
  • iPhone 14 Plus
  • iPhone 14 Pro
  • iPhone 14 Pro Max
  • iPhone 13
  • iPhone 13 mini
  • iPhone 13 Pro
  • iPhone 13 Pro Max
  • iPhone 12
  • iPhone 12 mini
  • iPhone 12 Pro
  • iPhone 12 Pro Max
  • iPhone 11
  • iPhone 11 Pro
  • iPhone 11 Pro Max
  • iPhone XS
  • iPhone XS Max
  • iPhone XR
  • iPhone X
  • iPhone 8
  • iPhone 8 Plus
  • iPhone SE (2nd generation or later)

As usual, to update to iOS 16.4.1, go to your iPhone Settings > General > Software Update and install iOS 16.4.1 when you can.