iOS 16.6, macOS Ventura 13.5, and Other Updates Patch Actively Exploited Vulnerabilities

Monday, July 24, 2023 5:10 PM

The iOS 16.6, iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6, and tvOS 16.6 updates that Apple released today address a long list of security vulnerabilities, including two that Apple says may have been actively exploited.

Apple today also released iOS 15.7.8, iPadOS 15.7.8, macOS Monterey 12.6.8, and macOS Big Sur 11.7.9 for devices that are not able to run the current release versions of the Mac, iPhone, and iPad software. These updates contain the same security improvements.

There are several fixes for kernel vulnerabilities, including one that could allow an app to modify a sensitive kernel state. This is the vulnerability that Apple says may have been actively exploited, but Apple's wording indicates that it only received reports of active exploits against versions of iOS that were released before iOS 15.7.1. It is, however, patched on all platforms.

The updates also fix a WebKit vulnerability that Apple says could have been actively exploited, but Apple first addressed this issue with the iOS 16.5.1 (c) and ‌macOS Ventura‌ 13.4.1 (c) Rapid Security Responses, so some ‌iPhone‌, ‌iPad‌, and Mac users may have already had protection from this issue.

Because these new software releases include so many security fixes, it is a good idea to install them as soon as possible. A full list of the patches that Apple has implemented can be found on Apple's security support website.