iOS 16.1 Includes a Zero-Day Security Patch That Addresses Active Exploits

Apple released the iOS 16.1 update on Monday alongside the iPadOS 16.1, macOS Ventura, tvOS 16.1, and watchOS 9.1. The Cupertino company has revealed that this version includes a patch to address a zero-day vulnerability in the operating system. The company has confirmed that this issue could have been actively exploited. Notably, zero-day vulnerabilities are those exploits that are identified by external sources before the original development team gets aware of the issues. Reports claim that this could be the eighth such zero-day vulnerability found in Apple operating systems.

Apple has listed this zero-day exploit as a kernel vulnerability found on “iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.”

The CVE-2022-42827 exploit is said to allow the execution of an arbitrary code with kernel privileges, that can provide unrestricted access to all data and hardware. The Cupertino company has mentioned that “this issue may have been actively exploited.”

The iOS 16.1 update includes fixes for a total of 19 security issues, including two more kernel exploits, three Point-to-Point Protocol vulnerabilities, two WebKit issues, and more. According to a report by Ars Technica, the CVE-2022-42827 exploit brings Apple’s count of zero-day vulnerabilities for 2022 to eight.

With these many possible vulnerabilities existing in the previous iOS version, it would be for the best that iPhone users upgrade to iOS 16.1 sooner rather than later. This update was released alongside iOS 16.1, macOS Ventura, and other new Apple operating systems on Monday. It brings improvements to the Mail, Messaging, Photos, and Safari apps. There is also a new feature called Live Activities, which are notifications that can be set to stay on the locksceen and offer live updates of ongoing events.