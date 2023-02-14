Apple has released security fixes for iPhones, Macs and iPads after the discovery of a new vulnerability affecting the devices, which the company said “may have been actively exploited.”

The company has released iOS 16.3.1, iPadOS 16.3.1 and macOS Ventura 13.2.1 in response to the discovery of the WebKit vulnerability, tracked as CVE-2023-23529.

In its notes on the vulnerability, Apple said that “processing maliciously crafted web content may lead to arbitrary code execution.”

“Apple is aware of a report that this issue may have been actively exploited,” the company said.

iOS 16.3.1:



An issue with Webkit, CVE-2023-23529, was fixed.

Apple report that this issue may have been actively exploited.



Now interesting:



1. The vulnerability was reported by “anonymous researcher”

2. We would like to acknowledge The Citizen Lab for their assistance.



The flaw affects iPhone models as far back as iPhone 8, Macs running macOS Ventura and numerous iPad models.

The vulnerability has been characterised as a type confusion issue, which was addressed through improved checks Apple said.

It was discovered by an anonymous researcher, according to the company.

The security fixes also address a kernel vulnerability (CVE-2023-23514) in iOS, iPadOS and macOS Ventura that was discovered by researchers at Google Project Zero, and a shortcuts vulnerability (CVE-2023-23522) in macOS Ventura.