To be specific, the update Apple is asking its users to download covers both the iPhone and the iPad through iOS 16.5 and iPadOS 16.5. The company from Cupertino says that these updates will immediately mitigate the three zero-day exploits that are directly related to the WebKit browser.
— SecurityWeek (@SecurityWeek) May 20, 2023 The exploits in question are CVE-2023-32049, CVE-2023-28204, and CVE-2023-32373. The first exploit on the list allows a remote attacker to break out of the iOS Web Content security sandbox, the second allows a hacker to view web content that may otherwise contain sensitive information, and the third could allow bad actors to slide it “maliciously crafted web content” that may lead to arbitrary code execution. To condense all that down into a single paragraph: basically, these exploits increase the vulnerability and risk of users and their personal data and information being accessed by unwanted 3rd parties. Therefore, if you’re an iOS user, it is probably in your best interest to update your device right now. As for the affected iOS and iPadOS devices, the list includes all current iPad Pro models, 3rd generation iPad Air onwards, the 5th generation iPad and iPad Mini and later, all iPhone models from the 6s onwards, Mac workstations and laptops running macOS, Apple Watch Series 4 and later, and the Apple TV 4K and HD. Apple’s Rapid Security Response system should have already prompted users regarding the iOS updates, but if you aren’t seeing it on your phone, the fruit company is encouraging users to just manually update their device and not waste time waiting for the automatic update. (Source: Techspot, Apple)