2 min read

Update to iOS 16.1 Now! Critical Security Fix Inside

Filip TRUȚĂ

October 25, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Update to iOS 16.1 Now! Critical Security Fix Inside

Apple is rolling out the first major incremental update for iOS 16 users, delivering not just extra oomph and squashed bugs, but also a good dose of security fixes – including a fix for a critical flaw that hackers are said to be exploiting in the wild.

iOS 16.1 targets iPhone 8 and newer models, as well as most iPad models in circulation. A total of 19 vulnerabilities are addressed in the update, including a particularly nasty flaw that can be exploited to take over the device.

Tracked as CVE-2022-42827, the bug was submitted by an anonymous researcher who found that a threat actor can exploit a Kernel weakness and “execute arbitrary code with kernel privileges.”

‘Actively exploited’

Apple tersely describes the flaw as an “out-of-bounds write issue,” which iOS 16.1 patches with improved bounds checking. The Cupertino-based tech giant holds back granular technicalities to keep aspiring hackers from using that knowledge against iOS users.

Yet Apple does make it clear that some malicious minds have become well acquainted with the flaw and are likely using it against people in the real world.

“Apple is aware of a report that this issue may have been actively exploited,” the company states in the advisory.

Another kernel flaw addressed in this release, tracked as CVE-2022-42808, could theoretically be chained to the previous one to gain complete remote access to the victim’s phone.

“A remote user may be able to cause kernel code execution,” reads the description.

While iOS attacks are generally precisely targeted – and indeed very rare, compared to other ecosystems – they are typically very dangerous, compromising critical figures like government officials, journalists, activists, dissidents, academics, and business people.

Apple has addressed nine zero-day flaws so far this year.

Security fixes across the board

In addition to iOS 16.1, Apple this week deployed individual security fixes for three macOS versions, including older versions still supported officially by the company. Individual updates are also available for Apple TV and Apple Watch users.

Bitdefender strongly encourages Apple customers to always use the newest OS version eligible for their device to ensure the latest security patches are applied.

To update your iPhone or iPad, go to Settings -> General -> Software Update, and choose Download and Install.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison
Vlad CONSTANTINESCU

December 05, 2022

1 min read
Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data
Filip TRUȚĂ

December 05, 2022

1 min read
Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read