Apple has released iOS 16.4 bringing improvements, other enhancements, bug fixes and security updates and 21 new emoji.
iOS 16.4 introduces notifications for web apps when they’ve been added to the Home Screen. Crash Detection, one of the marquee features on the latest iPhones, has been optimized, presumably with the aim of reducing false alerts.
Duplicate photos in Apple Photos have been addressed already but now images and videos which appear twice in your iCloud Shared Photo Library can be spotted, too.
Voice Isolation for mobile calls can now prioritize your voice and block out ambient noise. A fix is in place for an issue where Ask to Buy requests from kids aren’t showing on their parents’ paired device.
The Books app sees the return of the page turn animation, which has been missing in action since last fall. It’s now back to provide that touch of a real book to your digital reading.
21 new emoji including animals, hand gestures and objects are now available in emoji keyboard
An issue with some thermostats becoming unresponsive has been addressed. Additionally, there has been an update to an accessibility setting to dim video automatically when flashes of light are spotted.
VoiceOver support for maps in the Weather app, Accessibility setting to automatically dim video when flashes of light or strobe effects are detected and Visual Look Up is now available in South Africa.
Podcasts App
iOS 16.4 introduces several new features in Apple’s Podcasts app across the iPhone and CarPlay.
A new Channels menu in the Podcasts app provides a list of podcast channels all in one place on the iPhone, while the Up Next queue now includes episodes listeners have saved to their Library and episodes that they play from shows they do not follow.
CarPlay now provides access to the Up Next and Recently Played queues from the Listen Now tab, along with podcast recommendations in the Browse tab.
New Home App Architecture
iOS 16.4 reintroduces Apple’s revamped Home app architecture, which was initially rolled out with iOS 16.2 but temporarily pulled due to bugs.
After updating to iOS 16.4, an optional update is available in the Home app with new underlying architecture. Apple said the new architecture improves the app’s performance, efficiency, and reliability for controlling smart home accessories.
The new architecture follows the Home app gaining support for Matter accessories in iOS 16.1.
Beta Updates Menu
Starting with iOS 16.4, there is a new “Beta Updates” menu in the Settings app under General → Software Update. This menu will allow members of Apple’s Developer Program to access developer betas of iOS without needing to install a configuration profile from the Apple Developer website, simplifying the beta installation process. It is also possible to easily enable public betas of iOS from the same menu.
The developer beta option will only appear on your iPhone if the device is signed into the same Apple ID you used to enrol in Apple’s Developer Program.
In future iOS releases, Apple says this new menu will be the only way to enable developer betas, preventing configuration profiles from being used and shared online for free.
iOS 16.4 Security Fixes
iOS 16.4 also fixes 32 security issues, including three in the Apple Neural Engine, two in the Kernel and a further two in the WebKit engine that underpins the Safari browser.
Accessibility
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.
Apple Neural Engine
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
AppleMobileFileIntegrity
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
AppleMobileFileIntegrity
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
Calendar
Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
Description: Multiple validation issues were addressed with improved input sanitization.
Camera
Impact: A sandboxed app may be able to determine which app is currently using the camera
Description: The issue was addressed with additional restrictions on the observability of app states.
CarPlay
Impact: A user in a privileged network position may be able to cause a denial-of-service
Description: A buffer overflow was addressed with improved bounds checking.
ColorSync
Impact: An app may be able to read arbitrary files
Description: The issue was addressed with improved checks.
Core Bluetooth
Impact: Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CoreCapture
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
Find My
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
FontParser
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
Foundation
Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed with improved input validation.
iCloud
Impact: A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper
Description: This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder.
Identity Services
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.
ImageIO
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
LaunchServices
Impact: Files downloaded from the internet may not have the quarantine flag applied
Description: This issue was addressed with improved checks.
LaunchServices
Impact: An app may be able to gain root privileges
Description: This issue was addressed with improved checks.
NetworkExtension
Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device
Description: The issue was addressed with improved authentication.
Photos
Impact: Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup
Description: A logic issue was addressed with improved restrictions.
Podcasts
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
Safari
Impact: An app may be able to unexpectedly create a bookmark on the Home Screen
Description: The issue was addressed with improved checks.
Sandbox
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved validation.
Shortcuts
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: The issue was addressed with additional permissions checks.
TCC
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
WebKit
Impact: Processing maliciously crafted web content may bypass Same Origin Policy
Description: This issue was addressed with improved state management.
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information.
iOS 16.4 Supported Devices
iOS 16.4 will run on all iPhones from iPhone 8 onwards. To be exact:
- iPhone 14
- iPhone 14 Plus
- iPhone 14 Pro
- iPhone 14 Pro Max
- iPhone 13
- iPhone 13 mini
- iPhone 13 Pro
- iPhone 13 Pro Max
- iPhone 12
- iPhone 12 mini
- iPhone 12 Pro
- iPhone 12 Pro Max
- iPhone 11
- iPhone 11 Pro
- iPhone 11 Pro Max
- iPhone Xs
- iPhone XS Max
- iPhone XR
- iPhone X
- iPhone 8
- iPhone 8 Plus
- iPhone SE (2nd generation or later)
As normal, to update to iOS 16.4, go to your iPhone Settings > General > Software Update and install iOS 16.4 when you can.
