Apple has released security updates for iOS 16.1.1, iPadOS 16.1.1, and macOS Ventura 13.0.1 that address multiple vulnerabilities.
A remote attacker could exploit this vulnerability to take control of an unpatched device.
iOS and iPadOS updates
The Apple iOS 16.1.1 and iPadOS 16.1.1 update fixes two libxml2 vulnerabilities (CVE-2022-40303 and CVE-2022-40304). For each issue, “a remote user may be able to cause unexpected app termination or arbitrary code execution.”
The update is available for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later models.
macOS Ventura updates
The Apple macOS Ventura 13.0.1 update addresses the same two libxml2 vulnerabilities (CVE-2022-40303 and CVE-2022-40304) addressed in the iOS updates.
- Apple releases new macOS Ventura 13, along with security updates for iOS zero-day and multiple Apple products
- Apple releases security update for iOS 16.0.3
- Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell)