• Home
  • Mobiles
  • Mobiles News
  • iOS 16.5.1 Rolls Out With Zero Day Vulnerability Fixes Alongside New macOS, iPadOS and watchOS Updates

iOS 16.5.1 Rolls Out With Zero-Day Vulnerability Fixes Alongside New macOS, iPadOS and watchOS Updates

Apple has fixed zero-day vulnerabilities that could be used by attackers to infect an iPhone via an iMessage exploit, according to a security firm.

iOS 16.5.1 Rolls Out With Zero-Day Vulnerability Fixes Alongside New macOS, iPadOS and watchOS Updates

Apple has rolled out important security fixes for iOS 16.5.1 and iOS 15.7.7

Highlights
  • iOS 16.5.1 and iOS 15.7.7. contain fixes for zero-day security flaws
  • These zero-day flaws could allow an attacker to gain control of an iPhone
  • Apple has also rolled out updates for iPadOS, macOS, and watchOS
Advertisement

iOS 16.5.1 is rolling out to users of supported iPhone models, bringing important fixes for zero-day security flaws that could allow an attacker to infect and install spyware on an iPhone via iMessage, according to details shared by a security firm. The latest update also resolves a bug introduced with the previous update that prevented charging with Apple's Lightning to USB 3 camera adapter accessory. The company has also released updates to iPadOS 16.5.1, macOS 13.4.1, and watchOS 9.5.2, with security and bug fixes.

Apple has fixed zero-day (previously unknown) vulnerabilities on iOS 15.7.77 and iOS 16.5.1 that relate to the operating system's kernel and the WebKit engine that powers its Safari browser. The kernel security flaw would allow attackers to install "Triangulation" spyware on an iPhone, according to details shared by security firm Kaspersky. Apple has credited Kaspersky's Georgy Kucherin, Leonid Bezvershenko, and Boris Larin as well as an unnamed researcher for discovering the vulnerabilities.

The security firm explains that an attacker could send an iMessage with a malicious attachment to infect an iPhone that would remain in the device's RAM. If the device was rebooted or 30 days had elapsed, the spyware would be removed from memory. In order to reinfect the device, an attacker would have to send another maliciously crafted attachment via iMessage, according to Kaspersky. The company first revealed details of the security flaw earlier this month.

According to Apple, these security flaws have been fixed on iPhone and iPad with iOS 16.5.1, iOS 15.7.7, iPadOS 16.5.1 or iPadOS 15.7.7. Meanwhile, Mac owners can update to macOS 13.4.1, macOS 12.6.7 or macOS 11.7.8 to remain protected from the security flaw, while Apple Watch users will have to install the watchOS 9.5.2 or watchOS 8.8.1 updates.

Meanwhile, the iOS 16.5.1 update also comes with a fix for a bug introduced with the iOS 16.5 update that was rolled out last month. Updating to iOS 16.5.1 should restore the charging functionality of the Lightning to USB 3 camera adapter, that was accidentally removed with the previous update. Users can head over to the Settings app on their iPhone and tap on General > Software Update > Download and Install in order to download and install the latest software update.


Apple unveiled its first mixed reality headset, the Apple Vision Pro, at its annual developer conference, along with new Mac models and upcoming software updates. We discuss all the most important announcements made by the company at WWDC 2023 on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

David Delima
As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More
Twitter Resumes Paying Google Cloud for Services, Companies to Explore Deeper Partnership: Report
Nokia G42 5G Price, Specifications Leak via Retailer Site; May Feature Snapdragon 480+ SoC, 5,000mAh Battery
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »