Apple has released iOS 16.3 and iPadOS 16.3 on January 23rd, 2023, which include several security updates aimed at protecting the privacy and security of its users. These updates address a variety of vulnerabilities, including issues where apps may potentially access user-sensitive data, processing images leading to a denial-of-service, apps potentially leaking sensitive kernel state, and apps potentially executing arbitrary code with kernel privileges.
One of the most notable updates is the one addressing a privacy issue in Screen Time, where an app may have been able to access information about a user’s contacts. This issue has now been addressed with improved private data redaction.
Another key update is the one addressing a logic issue in Maps that could have allowed an app to bypass Privacy preferences. This issue has now been resolved with improved state management.
In addition, there are updates for Safari that address an issue where visiting a website may lead to an app denial-of-service, and for Mail Drafts, where the quoted original message may be selected from the wrong email when forwarding an email from an Exchange account. These updates ensure that users can browse the web and use their email safely and securely.
As always, Apple follows a strict policy of not disclosing or discussing security issues until they have been investigated and patches or releases are available. Users can find information about recent releases on the Apple security updates page.