If your device can’t run iOS 17.0.1, Apple is also releasing iOS 16.7, macOS 12.7, and macOS 13.6 to iPhone and Mac users to fix a few vulnerabilities exploited by attackers.
On Apple’s security releases page, the company explains some of the fixes these updates bring, as they impacted the Kernel, Security, and WebKit sections of iPhone and Mac devices.
Kernel
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Security
Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Webkit
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 261544
CVE-2023-41993: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Interestingly, Apple has already addressed similar issues with iOS 16.6.1 and other software updates for devices that could run iOS 16 as well. As the company becomes aware of other issues and exploited vulnerabilities, it updates its devices.
So, if you can’t get iOS 17 or macOS Sonoma, make sure to update your old iPhone and Mac to the latest version to protect your data and devices, such as iOS 16.7.
