Senior ContributorOpinions expressed by Forbes Contributors are their own.
Straight Talking Cyber
Apple has issued iOS 16.3.1, along with a warning to update now. That’s because iOS 16.3.1 fixes two security flaws, one of which is already being used in real-life attacks.
Apple doesn’t give much detail about what’s fixed in iOS 16.3.1, to give enough time for people to update before more attackers can get hold of the details. According to the limited information on Apple’s support pagethe already-exploited flaw is in WebKitthe engine that underpins the iPhone maker’s Safari browser.
Tracked as CVE-2023-23529the issue fixed in iOS 16.3.1 could allow an attacker to execute code on someone’s iPhone. “Apple is aware of a report that this issue may have been actively exploited,” The iPhone maker added.
Apple iOS 16.3.1 also fixes a second serious security issue in the Kernel at the heart of the iPhone’s operating system. Tracked as CVE-2023-23514, the flaw could allow an attacker to execute arbitrary code with Kernel privileges via an app. Apple is not aware of any reports that the issue has been used in attacks.
The iOS 16.3.1 update comes just weeks after the release of iOS 16.3which fixed 13 security flaws, including three in WebKit.
Apple iPhone
Why you should update to iOS 16.3.1
If you are already on iOS 16, you need to update to iOS 16.3.1. as soon as possible. While the exploited bug probably targets a specific group of people, it’s only a matter of time before more attackers use it more widely. The stakes are even higher for businesses and high-profile individuals.
Updating to iOS 16.3.1 as soon as you can is the best way to protect yourself, says independent security researcher Sean Wright. “It’s also theoretically possible to chain the WebKit vulnerability with the Kernel one to gain full access to the device,” he warns. However, there’s no reason to believe this has happened in real-life attacks yet, Wright adds.
If you are on iOS 15 but have an iOS 16-compatible iPhone, now may be the time to update to iOS 16.3.1. While Apple had previously been updating iOS 15 with important security fixes, it is only doing so for older iPhones that can’t upgrade to iOS 16.
The iOS 16 upgrade also comes with some brilliant new iPhone features, many of which are a boost to your security.
The iOS 16.3.1 update is available for the iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
So what are you waiting for? Go to your Settings> General> Software Update and upgrade to iOS 16.3.1 now to keep your iPhone safe.
Get the best of Forbesto your inbox with the latest insights from experts across the globe.
Follow me onTwitterorLinkedIn.
Kate is an award winning and widely-recognized cybersecurity and privacy journalist with well over a decade’s experience covering the issues that matter to users, businesses and governments. In addition to Forbes, her work can be found in publications including Wired, The Guardian, The Observer, The Times and The Economist.
With a focus on smartphone security including Apple iOS security and privacy, application security, cyberwarfare and data misuse by the big tech firms, Kate reports and analyzes breaking cybersecurity and privacy stories and trending topics. A co-founder of the Forbes Straight Talking Cyber video project, which has been named ‘Most Educational Content’ at the 2021 European Cybersecurity Blogger Awards, she is also a recognized industry commentator and has appeared on radio shows including the WVON Morning Show with Attorney Ernest B. Fenton, BBC Radio 5 Live and podcasts such as the Guardian’s Today in Focus. Kate can be reached atkate.oflaherty@techjournalist.co.uk.
Read MoreRead Less
