Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices.
Updates are available for:
|macOS Monterey and macOS Ventura
|iOS 17.2 and iPadOS 17.2
|iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
|iOS 16.7.3 and iPadOS 16.7.3
|iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
|macOS Sonoma 14.2
|macOS Ventura 13.6.3
|macOS Monterey 12.7.2
|Apple TV HD and Apple TV 4K (all models)
|Apple Watch Series 4 and later
The updates may already have reached you if you automatically update, but it doesn’t hurt to check if your device is at the latest update level.
Owners of devices running iOS 16.7 and iPad iOS 16.7 are especially encouraged to update as soon as possible, since the fixed issues may have been exploited against versions of iOS before iOS 16.7.1.
Apple doesn’t disclose, discuss, or confirm details about security issues until an investigation has occurred and patches or releases are available. But both vulnerabilities were credited to Clément Lecigne of Google’s Threat Analysis Group (TAG).
Recently we saw an update for the Chrome browser which included a patch for an actively exploited zero-day vulnerability. That vulnerability was reported by TAG’s Benoît Sevens and the formerly mentioned Clément Lecigne. These Google TAG researchers are renowned for finding and disclosing zero-day vulnerabilities used in state-sponsored spyware attacks.
We don’t just report on phone security—we provide it