The iOS 16.6, iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6, and tvOS 16.6 updates that Apple released today address a long list of security vulnerabilities, including two that Apple says may have been actively exploited.
Apple today also released iOS 15.7.8, iPadOS 15.7.8, macOS Monterey 12.6.8, and macOS Big Sur 11.7.9 for devices that are not able to run the current release versions of the Mac, iPhone, and iPad software. These updates contain the same security improvements.
There are several fixes for kernel vulnerabilities, including one that could allow an app to modify a sensitive kernel state. This is the vulnerability that Apple says may have been actively exploited, but Apple's wording indicates that it only received reports of active exploits against versions of iOS that were released before iOS 15.7.1. It is, however, patched on all platforms.
The updates also fix a WebKit vulnerability that Apple says could have been actively exploited, but Apple first addressed this issue with the iOS 16.5.1 (c) and macOS Ventura 13.4.1 (c) Rapid Security Responses, so some iPhone, iPad, and Mac users may have already had protection from this issue.
Because these new software releases include so many security fixes, it is a good idea to install them as soon as possible. A full list of the patches that Apple has implemented can be found on Apple's security support website.
Article Link: iOS 16.6, macOS Ventura 13.5, and Other Updates Patch Actively Exploited Vulnerabilities