Click here to read the full article.
iPhone users are being advised to update their operating systems to iOS 16.5 because it fixes several vulnerabilities that may be targeted by malign actors and malware.
The latest update patches about 40 problems and bugs, said Apple in its patch notes, which includes three key security issues that may be actively exploited. The three problems are connected to WebKit, the browser engine used to power the Safari browser, as well as users of iPhone 8 and later, all iPad Pro models, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad Mini 5th generation and later.
As it has done in previous security patches, Apple did not provide much in terms of technical details regarding the security vulnerabilities. It said that three potentially actively exploited bugs—which some researchers refer to as “zero-day” fixes—are included in the update.
Apple confirmed that the company is aware that three vulnerabilities “may have been actively exploited,” according to the patch notes.
A security researcher, Sean Wright of Featurespace, said that the latest update is “another mixed bag of vulnerabilities, some with quite severe impacts if an attacker were able to successfully exploit them” because “chaining some of these vulnerabilities together could potentially allow an attacker to be able to remotely gain full control of a device.”
“I would highly recommend that people update when they can, but equally there’s no reason to panic about these vulnerabilities either. They will likely be targeted vulnerabilities, targeting high profile users such as media, politicians, etc.,” he told Forbes magazine this week.
Another researcher noted that with the iOS 16.5 update, Apple finally corrected the root cause of a security flaw—known as ColdIntro—that the company said was patched in August of last year. “An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited,” the firm said last year of the fix.
“A vulnerability that was believed to be patched back in 2022 by Apple is more mysterious than researchers initially believed it to be. The patch mitigated a vulnerability that was exploited in the wild as part of an attack chain targeting co-processors,” researchers with Jamf wrote this week, adding that it impacts all iPad Pro models and iPhone 6 models and later.
The exploits allow “an attacker to exploit other vulnerabilities within the AP Kernel,” Jamf wrote. “Though it’s not sufficient for a full device takeover on its own, this vulnerability can be exploited to leverage the co-processor in order to obtain read/write privileges to the kernel, allowing a bad actor to get closer to realizing their ultimate goal of fully compromising the device.”
The firm recommended users to update as soon as possible. To download iOS 16.5 and the security fixes, head to Settings > General > Software Update and follow the prompts on the screen.
In the aftermath of the iOS 16.5 update, some users on the Apple Community Forums complained that the release caused their iPhone’s battery to deplete more quickly. During prior iOS updates, similar complaints were made.
According to Apple, “iOS 14.5 and later includes an update where the battery health reporting system will recalibrate maximum battery capacity and peak performance capability on iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max to address inaccurate estimates of battery health reporting for some users.”
The update comes just weeks ahead of the Apple Worldwide Developer Conference after the Cupertino, California-based tech giant released the schedule, set to run between June 5 and June 9.
Other updates in iOS 16.5 include a sports tab in Apple News that will give easy access to stories, scores, standings, and other sports-related information. It also fixes an issue where Spotlight may become unresponsive and also addresses an issue where Screen Time settings may reset or not sync across devices.
But controversially, Apple released an LGBT “Pride Celebration” wallpaper for the Lock Screen. The wallpaper features a standard, LGBT rainbow flag-like design, and the update was revealed by Apple’s chief executive, Tim Cook, on Twitter this week.
“Apple: Destroy Your Battery Life for Pride,” wrote one prominent Twitter user on Thursday.
In recent days, major brands such as retailer Target and Bud Light have faced backlash and boycotts after those firms made overtures to the LGBT community. Target, for example, released new “Pride”-centered clothing for young children—including infants—while Bud Light produced a beer can with transgender activist Dylan Mulvaney’s face on it.
“The goal is to make ‘pride’ toxic for brands. If they decide to shove this garbage in our face, they should know that they’ll pay a price. It won’t be worth whatever they think they’ll gain. First Bud Light and now Target. Our campaign is making progress. Let’s keep it going,” wrote Daily Wire commentator Matt Walsh.
Continue reading here.
Scroll down for comments and share your thoughts!
GIPHY App Key not set. Please check settings