Home
Endpoint Security

Apple Announces Security Upgrades for iOS and macOS Flaws

Apple’s patches update 12 vulnerabilities for iOS, iPadOS, Safari, watchOS, macOS, and tvOS.

Anuj Mudaliar Anuj Mudaliar Assistant Editor - Tech, SWZD
December 13, 2023
Apple iOS Security
  • Apple released security patches for its platforms to fix several vulnerabilities, including zero-days such as the CVE-2023-45866.
  • The tech giant also introduced a new security mode for iPhones to protect users in cases of stolen passcodes.

Apple unveiled several patches for security bugs and zero-day vulnerabilities for its platforms, including iOS, iPadOS, Safari, watchOS, macOS, and tvOS. A notable vulnerability fixed in the update is CVE-2023-45866, which allowed the spoofing of a keyboard by injecting keystrokes through a privileged network position.

The new update covers 12 vulnerabilities in iPadOS and iOS, including the WebKit, AVEVideoEncoder, Safari Private Browsing, ExtensionKit, Kernel, ImageIO, and Kernel. Apple also released the 17.2 version of Safari, iOS, and iPadOS to patch the CVE-2023-42883 and CVE-2023-42890, which could trigger denial of service attacks.

The updates also include a Contact Key Verification feature that supports iMessage privacy by allowing the verification of contacts. The CVE-2023-42917 and CVE-2023-42916 were patched for tvOS and watchOS as well.

See More: Bluetooth Vulnerability Exposes macOS, iOS, Linux, and Android Devices

Apple Set to Launch Stolen Device Protection

Apple announced the imminent launch of a security mode for iPhones that will protect users from attackers in cases of stolen passcodes in iPhones. The feature, Stolen Device Protection, makes Apple’s FaceID a requirement to access sensitive data whenever the device is not at a location associated with the device owner. Access to the passcode will not be enough.

The new feature will help protect users from scamsters who look to extract passwords by social engineering techniques and turning off Lost Mode and Activation Lock features. The new feature is currently available for beta users of iOS 17.3.

Do you think Apple invests enough resources in vulnerability management? Let us know your thoughts on LinkedInOpens a new window , XOpens a new window , or FacebookOpens a new window . We’d love to hear from you!

Image source: Shutterstock

LATEST NEWS STORIES

Endpoint Security security
Anuj Mudaliar
Anuj Mudaliar

Assistant Editor - Tech, SWZD

opens a new window opens a new window
opens a new window opens a new window
Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.
Take me to Community
Do you still have questions? Head over to the Spiceworks Community to find answers.

Recommended Reads

From Vulnerable to Invincible: Leveraging Tokenization To Protect PII
Data Security

From Vulnerable to Invincible: Leveraging Tokenization To Protect PII

Navigating the Threat of QR Codes as a Gateway to Data Theft
Endpoint Security

Navigating the Threat of QR Codes as a Gateway to Data Theft

LightSpy Spyware Campaign Targets iPhones Across South Asia
Endpoint Security

LightSpy Spyware Campaign Targets iPhones Across South Asia

Strengthening Data Defense: Insights From Recent Ransomware Attacks
Vulnerability Management

Strengthening Data Defense: Insights From Recent Ransomware Attacks

Palo Alto Zero-Day Flaw Exploited Through Python Backdoor
Endpoint Security

Palo Alto Zero-Day Flaw Exploited Through Python Backdoor

Apple Warns iPhone Users About Mercenary Spyware Attacks
Endpoint Security

Apple Warns iPhone Users About Mercenary Spyware Attacks