TechTech News

New iOS Update Warning Issued for Millions of iPhone Users

Save
New iOS Update Warning Issued for Millions of iPhone Users
An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group in Herzliya, Israel, on Aug. 28, 2016. (Jack Guez/AFP via Getty Images)
Jack Phillips
5/25/2023
Updated:
5/27/2023
0:00

iPhone users are being advised to update their operating systems to iOS 16.5 because it fixes several vulnerabilities that may be targeted by malign actors and malware.

The latest update patches about 40 problems and bugs, said Apple in its patch notes, which includes three key security issues that may be actively exploited. The three problems are connected to WebKit, the browser engine used to power the Safari browser, as well as users of iPhone 8 and later, all iPad Pro models, iPad Air 3rd generation and later, iPad 5th generation and later, and iPad Mini 5th generation and later.
As it has done in previous security patches, Apple did not provide much in terms of technical details regarding the security vulnerabilities. It said that three potentially actively exploited bugs—which some researchers refer to as “zero-day” fixes—are included in the update.

Apple confirmed that the company is aware that three vulnerabilities “may have been actively exploited,” according to the patch notes.

A security researcher, Sean Wright of Featurespace, said that the latest update is “another mixed bag of vulnerabilities, some with quite severe impacts if an attacker were able to successfully exploit them” because “chaining some of these vulnerabilities together could potentially allow an attacker to be able to remotely gain full control of a device.”

“I would highly recommend that people update when they can, but equally there’s no reason to panic about these vulnerabilities either. They will likely be targeted vulnerabilities, targeting high profile users such as media, politicians, etc.,” he told Forbes magazine this week.
Another researcher noted that with the iOS 16.5 update, Apple finally corrected the root cause of a security flaw—known as ColdIntro—that the company said was patched in August of last year. “An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited,” the firm said last year of the fix.

“A vulnerability that was believed to be patched back in 2022 by Apple is more mysterious than researchers initially believed it to be. The patch mitigated a vulnerability that was exploited in the wild as part of an attack chain targeting co-processors,” researchers with Jamf wrote this week, adding that it impacts all iPad Pro models and iPhone 6 models and later.

The exploits allow “an attacker to exploit other vulnerabilities within the AP Kernel,” Jamf wrote. “Though it’s not sufficient for a full device takeover on its own, this vulnerability can be exploited to leverage the co-processor in order to obtain read/write privileges to the kernel, allowing a bad actor to get closer to realizing their ultimate goal of fully compromising the device.”

The firm recommended users to update as soon as possible.  To download iOS 16.5 and the security fixes, head to Settings > General > Software Update and follow the prompts on the screen.

A view of the main entrance to Apple Inc. in Cupertino, Calif., on March 11, 2011. (Ryan Anson/AFP/Getty Images)
A view of the main entrance to Apple Inc. in Cupertino, Calif., on March 11, 2011. (Ryan Anson/AFP/Getty Images)
In the aftermath of the iOS 16.5 update, some users on the Apple Community Forums complained that the release caused their iPhone’s battery to deplete more quickly. During prior iOS updates, similar complaints were made.
According to Apple, “iOS 14.5 and later includes an update where the battery health reporting system will recalibrate maximum battery capacity and peak performance capability on iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max to address inaccurate estimates of battery health reporting for some users.”
The update comes just weeks ahead of the Apple Worldwide Developer Conference after the Cupertino, California-based tech giant released the schedule, set to run between June 5 and June 9.

Possible Controversy

Other updates in iOS 16.5 include a sports tab in Apple News that will give easy access to stories, scores, standings, and other sports-related information. It also fixes an issue where Spotlight may become unresponsive and also addresses an issue where Screen Time settings may reset or not sync across devices.

But controversially, Apple released an LGBT “Pride Celebration” wallpaper for the Lock Screen. The wallpaper features a standard, LGBT rainbow flag-like design, and the update was revealed by Apple’s chief executive, Tim Cook, on Twitter this week.

“Apple: Destroy Your Battery Life for Pride,” wrote one prominent Twitter user on Thursday.

In recent days, major brands such as retailer Target and Bud Light have faced backlash and boycotts after those firms made overtures to the LGBT community. Target, for example, released new “Pride”-centered clothing for young children—including infants—while Bud Light produced a beer can with transgender activist Dylan Mulvaney’s face on it.

“The goal is to make ‘pride’ toxic for brands. If they decide to shove this garbage in our face, they should know that they’ll pay a price. It won’t be worth whatever they think they’ll gain. First Bud Light and now Target. Our campaign is making progress. Let’s keep it going,” wrote Daily Wire commentator Matt Walsh.

SHARE THIS ARTICLE
Jack Phillips
Jack Phillips
Author (Breaking News Reporter)
Jack Phillips is a breaking news reporter with 15 years experience who started as a local New York City reporter. Having joined The Epoch Times' news team in 2009, Jack was born and raised near Modesto in California's Central Valley. Follow him on X: https://twitter.com/jackphillips5
twitter
Related Topics