With iOS 16.3.1 update, Apple fixed more bugs in iPhone and iPad than previously listed

tech.hindustantimes.com:

Apple recently released a list of vulnerabilities which were discovered in the latest iOS firmware. A high-risk vulnerability discovered in Apple's operating systems puts most of its devices at risk of exploitation. The Cupertino-based tech giant soon pushed out an update which fixed these holes.

The vulnerabilities, termed as CVE-2023-23514, CVE-2023-23522 and CVE-2023-23529 affected iOS and iPadOS versions prior to iOS 16.3.1 and Apple macOS Ventura versions prior to 13.2.1. The list of affected devices included Apple iPhone 8 and later iPad Pro all models, iPad Air 3rd generation and later, iPad 5th generation and later and iPad mini 5th generation and later. Now, it has been revealed that Apple fixed many more vulnerabilities than previously thought.

AppleDB contributor Aaron recently revealed via Twitter that Apple had released new Common Vulnerabilities and Exposures (CVE) for iOS 16.3.1, as well as three additional CVEs for iOS 16.3. The company also fixed a “maliciously crafted certificate” which could be used to initiate a DoS attack. In iOS 16.3 update, Apple fixed a vulnerability which allowed threat actors to read arbitrary files as root as well as two others. There has been no explanation from the tech giant as to why these vulnerabilities were not revealed before.

According to cybersecurity watchdog Indian Computer Emergency Response Team (CERT-In), these vulnerabilities are being actively exploited by hackers. It is recommended that users promptly install the latest software updates. Apple frequently releases updates that not only introduce new features but also enhance security measures and fix vulnerabilities. Therefore, if your iPhone or iPad is operating on the same firmware as mentioned earlier, it is