Apple has released iOS 16.4 and is urging iPhone users, particularly those with older devices, to update immediately to benefit from some important security fixes
Despite the seemingly unassuming update number (16.x, rather than 16.x.x), this update has patched 32 known security flaws (opens in new tab) that have been plaguing iOS 16 users for some time, making it a vital update even if you’re not chasing the latest features.
Among the patched vulnerabilites is a fix for a WebKit type confusion issue that hackers could use trigger OS crashes and gain code execution on compromised iOS and iPadOS devices.
iOS 16.4 security update
If successful, anyone utilizing the flaw could then be able to execute arbitrary code, most likely by tricking the victims into opening malicious web pages.
“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,” Apple describes the zero-day. “Apple is aware of a report that this issue may have been actively exploited.”
Older iPhone devices are particularly susceptible, with the list of impacted devices including iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) devices.
Elsewhere, iOS 16.4 also amends a worrying Calendar fault that could have seen malicious invitations leaking user information, as well as further fixes including the Photos app’s Hidden Photos Album which has allowed access without authentication via Visual Lookup, a handful of Safari and WebKit flaws including one that saw some user information be trackable, and a number of kernel-related issues.
More broadly, macOS 13.3 fixes issues relating to trackpad gestures and accessibility features, while iOS 16.4 has also added support for home screen web apps by third-party browsers, a new order tracking widget for Apple Pay purchases as part of the Wallet app, voice isolation for cellular calls (as well as video and VoIP calls as before), and other UI tweaks.