blog.dataJAR

Understanding and responding to Apple’s latest security updates for macOS, iOS and iPadOS (February 2023)

Apple’s latest security updates

In the past few days, Apple has released security updates in response to Webkit vulnerabilities that have been actively exploited by attackers targeting its macOS, iOS and iPadOS operating systems.

The CVEs in question are CVE-2023-23514, CVE-2023-23522 and CVE-2023-23529, listed in the Common Vulnerabilities and Exposures (CVE) database which makes it easier to share data across separate vulnerability capabilities (tools, databases, and services). 

Kernel – CVE-2023-23514

Available in: macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1

Impact: An app may be able to execute arbitrary code with kernel privileges.

Description: A use after free issue was addressed with improved memory management.

Shortcuts – CVE-2023-23522: 

Available in: macOS Ventura 13.2.1

Impact: An app may be able to observe unprotected user data.

Description: A privacy issue was addressed with improved handling of temporary files.

WebKit – CVE-2023-23529: 

Available in: macOS Ventura 13.2.1, Safari 16.3, iOS 16.3.1 and iPadOS 16.3.1

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A type confusion issue was addressed with improved checks.

What to do:

You should update your Mac, iPhone or iPad as soon as possible by following the instructions on the Apple Security Updates page. 

The latest available operating system version are:

  • iOS 16.3.1
  • iPadOS 16.3.1
  • macOS Ventura 13.2.1

Note that for previous versions of macOS, Webkit vulnerabilities are often addressed in updates to the Safari web browser itself.

datajar.mobi customers will see their devices being updated as per the details found in the following knowledgebase articles: 

Any customers that require advice or support are welcome to contact our Support Desk via the dataJAR help centre.

Latest posts

See All
February 9, 2024

Update: dataJAR blog content moving to Jamf’s platform

Featured image for “Update: dataJAR blog content moving to Jamf’s platform”
July 26, 2023

Did somebody mention macOS updates?

Featured image for “Did somebody mention macOS updates?”

Featured articles

May 4, 2023

Understanding BYOD and ADE enrolments in macOS – pros, cons and what to look out for 

Featured image for “Understanding BYOD and ADE enrolments in macOS – pros, cons and what to look out for ”
March 15, 2023

Getting started with web browser management in Jamf Pro

Featured image for “<strong>Getting started with web browser management in Jamf Pro</strong>”