If you are using an iPhone, you should install the latest software update as soon as possible, as the device may be vulnerable to an attack. Apple has rolled out iOS 16.4.1 to all supported phones, including the iPhone 8 and newer models, due to a security vulnerability.

The update fixes two vulnerabilities that existed in the previous software, iOS 16.4, which was released late last month.. These were also visible in previous versions of the Mac and iPad software.so Apple released updates for macOS Ventura 13.3.1 and iPadOS 16.4.1.

According to Apple, both security flaws could have allowed hackers to infiltrate the device and “execute arbitrary code”. This means that they can run any code they want on a target device without the owner’s knowledge. This code can give them access to private data, allow them to check the functionality of the device and install malware. It could even allow them to take control of other devices connected to the network or internet the original was connected to.

The vulnerabilities, named CVE-2023-28206 and CVE-2023-28205, These are known as “zero-day” failures.what does that mean Apple was unaware of this when the software was deployed. It also means that devices running that software were vulnerable to attack, as the tech giant had not released a patch or security update to fix it.

Apple said it is aware that both CVE-2023-28206 and CVE-2023-28205 “may have been actively exploited” prior to the release of iOS 16.4.1, macOS Ventura 13.3.1, and iPadOS 16.4.1. CVE-2023-28206 was an “out of bounds write issue” within IOSurfaceAccelerator, a piece of software that manages pixel data.

This means that part of the memory was storing too much data and therefore started storing it in the wrong place, which can cause problems. CVE-2023-28205 was a use after free issue within the WebKit web browser engine.

This means that a program is trying to use or access something it once stored in memory, but has since been released. The flaws were discovered by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab.

According to Bleeping Computer, Apple often uses these research groups to search for government-sponsored threat actors.

Therefore, these would probably only be exploited in the case of “highly targeted attacks” on politicians, journalists and high-risk individuals. Both of these issues have been fixed with the iOS 16.4.1 update, as well as bugs that prevented Siri from responding to commands and prevented skin tone variation options for the pushing hand emoji.

The latest software update, iOS 16.4, came with loads of new features.including the addition of 21 new emoji on the keyboard. This includes the long-awaited pink heart icon, as well as a wobbly face, moose, ginger stalk, Wi-Fi symbol, and a pair of maracas.