Apple has released a point update for iPhones, iPads and Macs. iOS 17.1.2, iPadOS 17.1.2 and macOS 14.1.2 ship with patches for 2 actively exploited security flaws.
Both vulnerabilities affect WebKit, which is the engine that powers Apple's Safari browser, and web apps in its operating systems.
The first security vulnerability, which has been tracked under CVE-2023-42916, is related to processing of web content. Apple says that it may lead to disclosing sensitive information. The Cupertino company has patched the flaw by improving the input validation. The other security flaw has the tracking number CVE-2023-42917. Like the first bug, this one also impacts processing of web content, but in this case it could lead to arbitrary code execution. The bug was found to be a memory corruption vulnerability, which was addressed with improved locking.
Apple says that it is aware that these vulnerabilities may have been actively exploited by attackers. The release notes on Apple's security web portal also mentions that the issues could have been exploited in iOS versions before 16.7.1. Apple has credited security researcher Clément Lecigne of Google's Threat Analysis Group, for discovering and reporting the bugs. The WebKit Bugzilla numbers for the issues are WebKit Bugzilla: 265041 and WebKit Bugzilla: 265067, but the details about the issues have not been released publicly. That's probably because the fixes for the issues have just been released, and it may take a few days for the patches to roll out, and it is possible that more information about the bug may be published after many users have installed the update.
The fixes for the vulnerabilities are included in the iOS 17.1.2 update, which is available for the iPhone XS and later, while the iPadOS 17.1.2 update is compatible with the following models: iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later. macOS 14.2 Sonoma includes the patches for both bugs. The build number for iOS 17.1.2 and iPadOS 17.1.2 is 21B101, while macOS 14.2 has the build number 23B92 / 23B2091.
Users who are on macOS 12 and 13 have not been left behind, Apple Safari 17.1.2 has been released for macOS Monterey and macOS Ventura to patch the security vulnerabilities.
If you have not yet received a notification to install the update on your device, you can check for it manually heading to the Settings > General > Software Update, to download and install the latest version.
We have seen quite a few actively exploited security issues in iOS, iPadOS and macOS this year. It is clear that the number of attacks that target Apple's operating systems are on the rise. Hackers have even started using sophisticated attack methods like the Clearview campaign, which was designed to target macOS browsers with fake updates to deliver a payload that contains the Atomic Stealer malware.
Apple released the fourth beta of iOS 17.2, iPadOS 17.2 and macOS 14.2 a few days ago. The update will introduce the highly-anticipated Journal app for iPhones, among other features and improvements. We can expect the stable version of the update to be released for all users later this month.
Apple’s efforts with putting advanced AI capabilities across its ecosystem, the way Google has implemented them with Gemini, have a lot of ground left
Sam Altman did a panel discussion at Technische Universität Berlin last week, where he predicted that ChatGPT-5 would be smarter than him — or more ac
Adobe FireflyFollowing on the success of its IP-friendly Firefly Image model, Adobe announced on Wednesday the beta release of a new Firefly Video mod
OpenAIOpenAI CEO Sam Altman announced via an X post Wednesday that the company’s o3 model is being effectively sidelined in favor of a “simplified” GP
It’s no secret that Apple’s AI efforts, especially on the iPhone, haven’t quite managed to create a stir, neither in terms of capabilities, nor the pa
Today, Microsoft announced its first World and Human Action Model, or WHAM, a generative AI capable of generating game visuals and controller actions.
We are a dynamic information platform dedicated to delivering timely, relevant, and reliable content across a broad spectrum of topics. From the latest in technology and business to lifestyle, health, and global affairs, we aim to keep our readers informed and inspired.
Our editorial team is committed to maintaining high standards of accuracy and clarity, ensuring that every article provides value and context in an ever-changing world. We believe in the importance of accessible knowledge and strive to make complex topics understandable for everyone.
Whether you're here to stay updated on current events, explore thought-provoking features, or simply learn something new, our goal is to offer a trustworthy source of information that meets the needs of a diverse and curious audience.