Two weeks after the release of iOS 16.3, Apple is pushing an important update that contains security patches and bug fixes. But not all users should install it the same way.
Apple released a security update for the iPhone in the form of iOS 16.3.1 on Monday. It includes, among other things, a patch for a serious vulnerability that was actively exploited by hackers. However, some users complain that the update causes problems on iPhone.
iOS 16.3.1 closes two security holes
Apple has summarized the content of the iPhone update on its support page. Overall, patches for two vulnerabilities can be found in it. The more serious of these concerns Apple’s WebKit browser engine, on which the iOS version of Safari is also based. It allows maliciously crafted web content to execute arbitrary code. Translated, this means that hackers can gain access to the iPhone – for example via fake websites.
Apple is at least “aware of a report that the issue may have been actively exploited.” The company uses this to describe cases in which hackers have actually misused vulnerabilities for attacks. This type of vulnerability differs from those found by security researchers in a controlled environment. According to Apple, a type confusion in the code caused the problem. The company has fixed the vulnerability named CVE-2023-23529 through improved controls.
Another patch is available for the iOS system core, the so-called kernel. The patch fixes a so-called use-after-free error (UAF). This occurs when a program leaves a reference to it after leaving memory. Attackers can use the memory reference with a maliciously crafted app to run their code at the system level. Apple has now closed the CVE-2023-23514 vulnerability with “improved memory management”.
According to the release notes, iOS 16.3.1 also includes a number of bug fixes. The update addresses the following issues:
- iCloud settings may not respond or display correctly when apps access iCloud
- Siri requests for Find My may not work
- Optimizations for crash detection on iPhone 14 and iPhone 14 Pro models
Update may cause problems with Google Photos
On Twitter and Reddit Since the release of the new iOS version, several users have complained about problems with the Google Photos app for iOS. After the update, the app crashes immediately after opening and can no longer be used. TECHBOOK installed iOS 16.3.1 to check the allegations. In fact, the Google Photos app can no longer be opened in our test on the iPhone 13 mini.
While it’s probably an iOS bug, responsibility now rests with Google to fix the problem with its own app update. Users who have already installed iOS 16.3.1 and are also seeing crashes should therefore keep an eye out for an update for Google Photos in the App Store.
Should I install iOS 16.3.1 right away?
TECHBOOK normally advises installing security updates on compatible devices as soon as possible. In this case, we must explicitly advise iPhone owners who use Google Photos against it – at least as long as there is no app update that fixes the problem.
However, we recommend that all other users update to iOS 16.3.1, as otherwise there is no protection against an actively exploited vulnerability. The update is available for iPhone 8 and later, and is also coming to iPad Pro, iPad Air (3rd generation and later), iPad (5th generation and later), and iPad mini (5th generation and later) in the form of iPadOS 16.3.1 ).