Apple has released a critical security patch for iPhones just three weeks after the rollout of the iOS 16.4 update. The patch, iOS 16.4.1, was issued to address two zero-day vulnerabilities that were actively being exploited by hackers. The vulnerabilities, CVE-2023-28206 and CVE-2023-28205, would have allowed malicious apps to execute arbitrary code with kernel privileges on potential victims' iPhones. In addition, a security loophole in a browser would have allowed hackers to drop malicious code via a compromised website onto iPhones.
To install the iOS 16.4.1 update on an iPhone, users can do so via OTA (Over-The-Air) or manual installation through Apple iTunes. To use OTA, users need to ensure that there is enough storage space and that the device has more than 50% battery life before initiating the download. To update via iTunes, users need to back up their iPhone/iPad with either iCloud or iTunes before initiating the download procedure. They also need to ensure that their PC has the latest version of the iTunes app. Once these prerequisites are met, users can launch iTunes on their Mac or PC, insert their device, and click on the iPhone, iPad or iPod touch in the top left navigation. They can then tap on the Check for Update button and agree to the terms and conditions.
Zero-day vulnerabilities are software loopholes that have yet to be addressed by developers, making them vulnerable to exploitation by hackers. Apple's quick response in issuing a critical security patch demonstrates the company's commitment to protecting its users' privacy and security. Users are advised to regularly update their iPhones and other Apple devices to ensure that they have the latest security patches installed.
