Apple releases iOS 16.7.1 and iPadOS 16.7.1 to patch security issues in older devices
iOS 17 may be the newest software for Apple's devices, but millions of users have an iPhone or iPad that is not compatible with the latest iteration of the operating system. Apple has released iOS 16.7.1 and iPadOS 16.7.1 to patch some critical vulnerabilities on older iPhone and iPad devices.
Apple patches an actively exploited threat in iOS 16
You may be aware that Apple released the iOS 17.0.3 update last week to fix overheating issues on iPhone 15 and older models. The update shipped with two important security fixes.
The latest update for iOS 16 includes patches for the same issues. The first of the 2 bugs has been tracked under CVE-2023-42824. This is a kernel level security issue that a local attacker can exploit to gain elevated privileges to the iPhone. Of course to do that, they will need physical access to the device. Apple says it was able to patch the security flaw by improving some checks. The Cupertino company has confirmed that it is aware that the vulnerability may have been actively exploited by hackers on versions of iOS older than iOS 16.6.
The other security issue is tracked as CVE-2023-5217. Per the release notes that the company has published on its support portal, this bug is related to WebRTC, and it could allow a buffer overflow to lead to arbitrary code execution. Apple says it addressed the vulnerability by updating libvpx to 1.13.1.
The iOS 16.7.1 update is available for the iPhone 8, iPhone 8 Plus, iPhone X and later. iPadOS 16.7.1 is available for iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad Mini 5th generation and later. The build number for the update is 20H30. The security patch is not exclusive to older device models. If your iPhone or iPad is eligible for the iOS 17 or iPadOS 16 upgrade, but you have chosen to stick with iOS 16, you should install the new patch as soon as possible in order to protect your device. To install the update, head to the Settings app > General > Software Update.
I'm not sure whether delaying security updates for older devices is a good idea. Sure it may have only arrived a week later than the iOS 17.0.3 patch, but considering the fact that one of the 2 vulnerabilities has been exploited by attackers, I feel that Apple should have acted more responsibly by patching the flaws sooner. It is not clear whether the company will release a similar security patch for older versions of iOS, for context the last security update for iOS 15 was released a month ago. Apple may be renowned for long term OS updates, but Google plans to claim the crown from its rival, by supporting its Pixel phones for up to 7 years of OS updates. It is a bold commitment, and only time will answer if the Mountain View company will fulfill its promise.Advertisement