April 23, 2024

iOS 16.6 – Update Now Warning Issued To All iPhone Users

Apple released iOS 16.6 with a warning to update now. That’s because the iOS 16.6 update fixes 25 major iPhone security flaws, two of which are already being used in real-life attacks.

Among the issues patented in iOS 16.6 are 11 in the Kernel at the heart of the iPhone operating system and eight in WebKit, the engine that underpins Apple’s Safari browser.

Apple doesn’t give much information about what’s fixed in iOS 16.6, to allow as many iPhone users as possible to update before more attackers can get hold of the data. But the iPhone maker says: “This update provides important bug fixes and security updates and is recommended for all users.”

The iOS 16.6 upgrade comes just two weeks after the release of iOS 16.5.1 (c) – Apple’s second Rapid Security Update that had to be released twice after the first version came with a serious bug.

While the Rapid Security Response fixes are only emergency security updates, Apple usually waits for major upgrades like iOS 16.6 for most of its patches. If you have already applied 16.5.1 (c), it fixes the previously exploited WebKit vulnerability listed in iOS 16.6, CVE-2023-37450.

Tracked as CVE-2023-38606, the Kernel bug that is already being used in attacks has been fixed in iOS 16.6. “An app may be able to modify the sensitive state of Kernel,” Apple said on a support pageadding that it is “aware of a report that this issue may have been actively exploited against versions of iOS released prior to iOS 15.7.1.”

The Kernel flaw fixed in iOS 16.6 is the third iOS issue discovered by security outfit Kaspersky as part of what it calls spyware Triangulation attacks, which place malware on people’s iPhones without requiring any user interaction.

The Issues Fixed in iOS 16.6 Are “Pretty Bad”

Flaws like the issues fixed in iOS 16.6 are sometimes used in attacks that use spyware to take control of someone’s iPhone — usually targeting businesses, government workers and dissidents.

Independent security researcher Sean Wright says the issues fixed in iOS 16.6 are “very serious vulnerabilities.”

It says that the previously exploited WebKit flaw “can be linked to a Kernel vulnerability” to take control of your device.

Wright warns that the iPhone’s Kernel vulnerabilities “are a concern because this is the heart of the operating system and contains many security controls.”

“The ability to bypass these controls could be significant, from a security perspective,” says Wright. “Combine these two vulnerabilities with the others, and an attacker could gain complete control over a victim’s device.”

Why You Need To Update To iOS 16.6 Now

It’s a good idea to update to iOS 16.6 now, if possible. Wright says there’s no need to panic, but “update as soon as you can.”

It’s also worth considering that even if you have Automatic Updates enabled, it may take some time for iOS 16.6 to arrive on your device. That means you need to check into your Settings for the update and apply it yourself to ensure the best security.

The iOS 16.6 update is available for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later. Apple also released iOS 15.7.8 and iPadOS 15.7.8 for older device models.

You know what to do. Go to your Settings > General > Software Update and download and install iOS 16.6 now to keep your iPhone safe.

Leave a Reply

Your email address will not be published. Required fields are marked *