Apple fixes IOSurfaceAccelerator and WebKit security flaws after reports of exploitation

Apple has released new software updates for iPhone and Mac, which include important bug fixes and security updates. The company has now disclosed the details of the security flaws that have been fixed in the updates. These updates are crucial, as Apple has noted that it has seen reports of these flaws being exploited in the wild.

iOS 16.4.1 Security flaws fixed

Apple prioritizes security with urgent software updates for iOS and macOS

Apple has fixed two flaws for both iOS and macOS. The first one is an IOSurfaceAccelerator flaw that allowed apps to “execute arbitrary code with kernel privileges”. The second one is a WebKit flaw that could see the processing of malicious code leading to arbitrary code execution. Both flaws can be potentially dangerous, as they can be used to gain control of a user’s device.

macOS 13.3.1

Apple has made it clear that it is “aware of a report that this issue may have been actively exploited.” Therefore, it is important for users to update their devices as soon as possible to protect themselves against potential attacks.

The IOSurfaceAccelerator flaw was fixed by improving input validation. The flaw was discovered by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. The flaw affected iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.

iPad 10

The WebKit flaw was fixed by improving memory management to address a use-after-free issue. This flaw was also discovered by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. The flaw affected the same devices as the IOSurfaceAccelerator flaw.

Apple has always taken security very seriously and has been quick to address any security flaws that have been found. However, these recent updates highlight the importance of keeping software up to date. It is crucial for users to update their devices as soon as possible to ensure that they are protected against any potential attacks.

About the Author

Asma is an editor at iThinkDifferent with a strong focus on social media, Apple news, streaming services, guides, mobile gaming, app reviews, and more. When not blogging, Asma loves to play with her cat, draw, and binge on Netflix shows.