top of page

Apple releases security update for CVE-2023-23529

Apple has backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been credited with reporting the bug. This news is concerning for many reasons. Firstly, the fact that the security flaw was actively being exploited. Secondly, that it affects such a wide range of devices. And thirdly, that it was only addressed after it was reported. Apple has said that the update is available in versions iOS 15.7.4 and iPadOS 15.7.4 for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). The disclosure comes as Apple rolled out iOS 16.4, iPadOS 16.4, macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, tvOS 16.4, and watchOS 9.4 with numerous bug fixes. If you have any of these devices, it is important that you update them as soon as possible. However, this news does serve as a reminder of the importance of always keeping your devices and software up to date.


bottom of page