If you own an Apple device, there’s likely a very important security update waiting for it. After issuing iOS 16.4.1, iPadOS 16.4.1, macOS 13.3.1, and Safari 16.4.1 on Friday, Apple pushed iOS 15.7.5 and iPadOS 15.7.5 and macOS Big Sur 11.7.6 and Monterey 12.6.5 to older devices to patch two actively exploited security flaws.
In all, Macs going back to 2013, iPhones to 2015, and iPads to 2014 have all been patched within days of each other, underscoring the urgency of the patches. Apple usually waits to update older operating systems until the next full version arrives, which would have been iOS 16.5 and macOS 13.4, presumably arriving in early May. The iOS 15.7.5 update addresses the iPhone 6s and 7, while the Big Sur and Monterey updates add MacBooks from 2013 and 2014 and iMacs from 2014.
The patches fix the same two security issues across all devices. Apple says both “may have been actively exploited” and could allow a hacker to “execute arbitrary code” on your device:
IOSurfaceAccelerator
- Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
- Description: An out-of-bounds write issue was addressed with improved input validation.
- CVE-2023-28206: Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab
WebKit
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A use after free issue was addressed with improved memory management.
- WebKit Bugzilla: 254797
CVE-2023-28205: Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab
The updates are all very small, between 256MB and 1.5GB depending on the device. To update an iPhone or iPad head over to the Settings app and tap General and Software Update. On a Mac, open System Preferences (Big Sur, Monterey) or System Settings (Ventura), then Software Update and follow the prompts.
Read more about How long Apple supports iPhones for and How long Apple supports Macs for.