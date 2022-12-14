Just as exercise is good for you and makes you healthier, so constant updates to your operating system are good for you make computers safer. Including the iPhone. Which today is at risk of being hacked by attackers who can exploit a zero-day security vulnerability, that is, one that was discovered when it is already being actively exploited by cybercriminals.

What does Apple’s update fix

Apple on November 30, it released an update of the iOS operating system of the phone, bringing it to version 16.1.2 which eliminates the risk of violation present in the devices. The update is available for all iPhones that support iOS 16, i.e. models from iPhone 8 onwards.

Three novelties From 2023, almost all data on Apple iCloud will be hack-proof by Andrea Nepori

08 December 2022



After explaining at the time of release that the change introduced “important security updates,” Apple revisited the topic today explaining that the update fixed a flaw in WebKit, the browser engine that powers Safari and other apps, which if exploited could allow malicious code to execute on the device This is why you actually need to update Apple’s other operating systems that support WebKit as well: macOS, iPadOS, watchOS, tvOS and Apple’s cloud access app on Windows.

The WebKit vulnerability. The alarm in Italy of the Csirt

The WebKit vulnerability was discovered by security researchers from Google, which has an internal risk analysis group that carries out research on all IT platforms and which in the last two years has established a real record in reporting insecurities on all platforms and not only Android or Windows, but also macOS, iOS and Linux.

The type of problem is actually a small “bug”, an error in the code, which can be exploited by an attacker in an ingenious way (therefore these are hard-to-find bugs) to gain control or at least introduce malicious code into the device. This vulnerability in particular is particularly insidious because an attacker to exploit it simply inserts the malicious code into a website and the user visits it both with the Safari browser, which uses WebKit, and with any other iPhone app that displays web pages, because they also use WebKit for displaying web pages. As reported by the Csirt, the National Cybersecurity Agency, in reality the updates to be made are for all Apple devices: therefore also iPad, Mac and even Apple TV, Apple Watch and the Apple Cloud app on Windows.

The backstory Twice U2 upset Apple’s plans: Jobs went well, Tim Cook paid the price by Pier Luigi Pisa

December 12, 2022



Why iOS update is urgent

The urgency of the update comes from the fact that Apple has stated that it is aware of the vulnerability has been exploited “against versions of iOS released before iOS 15.1”, which dates back to October 2021. For this reason, and for those who have not yet updated to iOS 16, Apple has also released iOS and iPadOS 15.7.2 which fix the same WebKit vulnerability for users of iPhone 6s and later and some iPad models that are not compatible with iPadOS 16.

After releasing the security update within the iOS version in late November, Apple has continued its development strategy of iOS and iPadOS, and two days ago it released version 16.2 of the iPhone operating system, which obviously includes the security update and introduces other innovations such as end-to-end encryption for data saved on iCloud and the new Freeform app for collaboration in the field creative.