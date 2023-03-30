[The Epoch Times, March 30, 2023](Reported by English Epoch Times reporter Jack Phillips/Compiled by Takasugi) US federal agencies advise Apple iPhone, iPad users and administrators to update their software as soon as possible to avoid security threats caused by software vulnerabilities .

On Tuesday (March 28), the US Federal Cybersecurity and Infrastructure Security Agency (CISA) issued a notice, which read: “Apple has released a security update to address Vulnerabilities in multiple product devices. (Hacker) attackers can exploit some of these security vulnerabilities to take control of affected devices. CISA encourages users and administrators to review the following notices and make necessary updates as soon as possible.”

The security update released on Monday (March 27) includes iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, Safari 16.4, Studio Display Firmware Update 16.4, watchOS 9.4, tvOS 16.4, macOS Big Software upgrades such as Sur 11.7.5, macOS Monterey 12.6.4 and macOS Ventura 13.3.

Apple confirmed on Monday that it released the iOS 16.4 update to iPhone and iPad users, which includes some new security updates and features.

According to Apple, iOS 16.4 runs on all iPhones starting with the iPhone 8, and the new software update includes bug fixes and new features. Apple also released the iOS 15.7.4 software update for those older iPhones on Monday.

Apple said on its technical support page that the iOS 16.4 update also fixes two flaws in the iPhone operating system, tracked as CVE-2023-27969 and CVE-2023-27933, that could allow malicious actors to exploit users without their knowledge. Execute the code in the case. Meanwhile, another flaw, CVE-2023-28178, could allow attackers to bypass users’ privacy preferences.

The note about the software upgrade also revealed that two vulnerabilities in WebKit, which powers the Safari browser, were also fixed in the latest update. Overall, more than thirty security issues have been fixed in this update.

In its release notes for the iOS 15.7.4 software update, Apple also said it also addressed a number of vulnerabilities, including a WebKit-like vulnerability. Apple said the bug had been targeted and “actively exploited,” suggesting that it’s important to get software updates to devices as soon as possible.

Apple says on its website: “To protect our customers, Apple does not disclose, discuss, or confirm security issues until an investigation has been conducted and an available patch or update has been released. The most recent versions are available on the Apple Security Updates page. list.”

The 15.7.4 software update covers all models of iPhone 6s, iPhone 7s, first-generation iPhone SE, iPad Air 2, later iPad Minis, and seventh-generation iPod touch, among other devices.

In addition to security updates, the iOS 16.4 update also adds new emoji and other features, including web app notifications, a setting that allows users to dim video more easily, and voice isolation for phones, among others.

To update the software to the latest iOS version, consumers can initiate a manual update on their iPhone or iPad by tapping Settings, General, and Software Update. After that, they should click Download and Install, follow the prompts, and wait for the phone to restart.

On Mac laptops and Apple desktops, the software update steps are similar. Users can open the Apple menu, select System Settings, then enter “General”, then click “Software Update”, and then follow the prompts.

Last month, security research firm Sophos pointed out that Apple also discovered a security flaw at the time, which it described as a “zero-day spyware implant bug.” This is a previously unknown security vulnerability that can be actively exploited.

Commenting on one of the vulnerabilities, Sophos said: “Just browsing a website, or opening an application based on web content, such as its splash screen or its help pages, should be harmless, but due to this security flaw , which is enough to allow your device to be infected and manipulated.”

