Security Researchers Delve Into Major Vulnerability Patched in iOS 16.3 and macOS 13.2

by

With almost every iOS and macOS update, Apple includes a host of security improvements to address major vulnerabilities. iOS 16.3 and macOS Ventura 13.2, released back in January, were no exception. Both updates included fixes for a long list of issues, including two that were highlighted today in a report from Trellix.

iOS 16
Trellix Advanced Research Center discovered a new class of privilege execution bugs within iOS and macOS, which could be exploited to delve into an iPhone or Mac user's messages, location data, photos, call history, and more.

In a blog post highlighting how the bug was found, Trellix explains how mitigations that Apple introduced for the FORCEDENTRY zero-click exploit in September 2021 could by bypassed, allowing for a "huge range of potential vulnerabilities."

Trellix found its first vulnerability in the coreduetd process, which could be used to give an attacker access to a person's calendar, address book, and photos. Vulnerabilities in OSLogService and NSPredicate were able to be exploited to achieve code execution within Springboard, providing attackers access to the camera, microphone, call history, and more.

Data about these vulnerabilities was relayed to Apple, and the company fixed the exploits in iOS 16.3 and macOS 13.2 Ventura. Security support documents for both updates were refreshed yesterday to reflect the addition of the patches.

Trellix is credited with two vulnerabilities (CVE-2023-23530 and CVE-2023-23531) that Apple patched with improved memory handling. Trellix said that it thanks Apple for working quickly to fix the issues.

Popular Stories

iPhone SE 4 Thumb 1

New iPhone SE and iPad 11 Launch Timing Allegedly Revealed by Leaker

Tuesday January 7, 2025 11:12 am PST by
A new iPhone SE and an iPad 11 might be coming very soon. In late December, a private account on X with a track record of leaking accurate iOS-related information said devices codenamed "V59" and "J481" will be released alongside iOS 18.3 and iPadOS 18.3. Bloomberg's Mark Gurman has previously reported that "V59" is a new iPhone SE, and that "J481" is a new entry-level iPad. iOS 15.3, iOS ...
Read Full Article38 comments
HomePod mini and Apple TV

New Apple TV and HomePod Mini Launching This Year With One Thing in Common

Wednesday January 8, 2025 6:18 am PST by
It was recently reported that new Apple TV and new HomePod mini models will launch this year, and the devices are expected to have one thing in common. Bloomberg's Mark Gurman last month reported that the new Apple TV and the new HomePod mini will be equipped with Apple's own combined Wi-Fi and Bluetooth chip. Gurman said the chip supports Wi-Fi 6E, so that could end up being a key upgrade...
Read Full Article52 comments
iOS 18

Apple Releases iOS 18.2.1 With Bug Fixes

Monday January 6, 2025 10:07 am PST by
Apple today released iOS 18.2.1 and iPadOS 18.2.1, minor updates to the iOS 18 and iPadOS 18 operating systems. iOS 18.2.1 and iPadOS 18.2.1 come almost a month after Apple released iOS 18.2 and iPadOS 18.2. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. According to Apple's release notes, iOS 18.2.1...
Read Full Article94 comments
iPhone 17 Pro Dual Tone Rectangle Slimmer Feature 1

iPhone 17 Said to Feature More Seamless Camera Bump Design

Monday January 6, 2025 2:56 am PST by
The design of this year's next-generation iPhone 17 will allegedly feature a smoother transition between the edges of the camera bump and the back cover, owing to Apple's use of a new glass-and-metal splicing material process. That's according to the Weibo-based leaker Fixed Focus Digital. In a post on Monday, the Chinese leaker claimed that suppliers say the iPhone 17 is adopting a...
Read Full Article74 comments
LG UltraFine 6K Display TB5

LG Unveils UltraFine 6K Display With Thunderbolt 5 Support

Tuesday January 7, 2025 3:56 am PST by
LG has shown off a new Ultrafine 6K monitor at CES 2025. The 32-inch display is the first of its kind to support Thunderbolt 5, which Apple introduced late last year with the launch of new Mac mini and MacBook Pro models powered by M4 Pro chips. Details are scant, but we do know that the LG UltraFine 6K monitor (model 32U990A) features a Nano IPS Black panel, delivering a wide color gamut...
Read Full Article166 comments
M6 MacBook Pro Feature 1

5 Reasons to Wait for Next Year's MacBook Pro

Wednesday January 8, 2025 6:33 am PST by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small...
Read Full Article99 comments
iOS 18 on iPhone Arrow Down

What to Expect From iOS 18.2.1, iOS 18.3, and iOS 18.4

Monday January 6, 2025 6:46 am PST by
Apple plans to release at least three iOS versions before the end of April, including iOS 18.2.1, iOS 18.3, and iOS 18.4. Below, we outline what to expect from each of these updates. iOS 18.2.1 Update: Apple has released iOS 18.2.1 with "important bug fixes." Last month, we reported that Apple has been internally testing iOS 18.2.1, which is expected to have a build number of 22C161....
Read Full Article40 comments

Top Rated Comments

Realityck Avatar
Realityck
25 months ago

apple stans in panic mode after realizing the walled garden is useless
MacOS is not a walled garden.
Score: 31 Votes (Like | Disagree)
NT1440 Avatar
NT1440
25 months ago

It's us users who pay the price for Apple's recent lack of software quality
Show me one piece of software that doesn’t have bugs and I’ll show you a piece of software that just hasn’t been examined enough.

This is the world of modern software, millions of interacting libraries, improper error checking in places that no one should be able to get to but a different exploit was found to allow for it, etc.

This isn’t an obvious “password is in plaintext” kind of security flaw. This is a chain of flaws. This is how the world works now.
Score: 30 Votes (Like | Disagree)
I7guy Avatar
I7guy
25 months ago
I guess according every other vendor in the world writes code that is 100% bug free with no vulnerabilities.:rolleyes:
Score: 28 Votes (Like | Disagree)
madmin Avatar
madmin
25 months ago
It's us users who pay the price for Apple's recent lack of software quality
Score: 22 Votes (Like | Disagree)
rgwebb Avatar
rgwebb
25 months ago

It's us users who pay the price for Apple's recent lack of software quality
Weird takeaway from a story about Apple rapidly responding to a white hat security team's notification of vulnerabilities.
Score: 20 Votes (Like | Disagree)
citysnaps Avatar
citysnaps
25 months ago

I guess according every other vendor in the world writes code that is 100% bug free with no vulnerabilities.:rolleyes:
It's astonishing so many people believe that's true.

Apparently everything else in their lives marches to 100.0% perfection 100.0% of the time.
Score: 17 Votes (Like | Disagree)
Read All Comments