The latest iOS 16.3.1 update has addressed many pre-existing security flaws that were not specifically listed by the company at the time of release.
Last week, Apple released iOS/iPadOS 16.3.1 update to patch security bugs and fix some problems on iPhones and iPad. At that time, Apple briefly mentioned some changes, but recently, the company has added a lot of information about the patch that has never been mentioned before.
Specifically, ” Apple defect” adds a category of Common Vulnerabilities and Threats (CVEs) on iOS 16.3.1 and 3 new CVEs on iOS 16.3 – the operating system version released in January 2023. On iOS 16.3.1, the company has patched it. The vulnerability involves a “malicious certificate” that could be used to perform a denial of service (DoS) attack that could clog devices or networks. Apple says the DoS threat has been addressed. through improving the input validation value.
But most notably, iOS 16.3 has up to 3 CVEs patched through the latest update, although the company has not mentioned these issues before. One of them can be used for hackers to read arbitrary files with root privileges. The other two vulnerabilities allow attackers to execute arbitrary code on an iPhone or iPad with the ability to bypass the sandbox mechanism.
All of the above vulnerabilities are patched in iOS/iPadOS 16.3.1, so security experts recommend iPhone and iPad users update their devices to this version soon. In addition, Apple also patched a potentially dangerous bug on Mac computers with the macOS 13.2.1 update.