Apple has released critical software updates for a wide range of iPhone and iPad devices to address two serious vulnerabilities. Users are advised to update their devices immediately to the latest iOS and iPadOS versions.
According to Apple’s security updates page, the iOS and iPadOS 17.0.3 updates fix two specific issues:
- A vulnerability in the kernel that could allow an attacker to gain elevated privileges. Apple indicated this issue may have already been exploited in iOS versions prior to 16.6.
- A heap buffer overflow vulnerability in the libvpx library used by Google Chrome that could be leveraged by a malicious web page to execute arbitrary code.
The updates impact iPhone models XS and later, iPad Pro models beginning with the 2nd generation 12.9-inch version, iPad Air 3rd gen and newer, iPad 6th gen and newer, and iPad Mini 5th gen and newer devices.
Earlier in September, Apple also patched an actively exploited zero-day flaw that allowed installation of spyware like Predator by cyber arms companies. Additional iOS updates this month addressed other security issues as well.
Given the seriousness of these new vulnerabilities, Apple device users should ensure they apply the latest iOS and iPadOS updates as soon as possible. Keeping mobile devices up-to-date with the latest security patches is critical to prevent compromise from known attack methods.