作者簡介
iOS 16.6.1 與 iPadOS 16.6.1 版本更新 安全性更新
Apple 在 2023/09/08 日正式推出 iOS 16.6.1 與 iPadOS 16.6.1 版本更新,此版本更新沒有新增加功能,根據 Apple 官方的說明主要為安全性更新,修正了惡意製作的圖像、附件會導致任意代碼執行安全性問題,建議所有使用者進行更新。
更新版本:iOS 16.6.1、iPadOS 16.6.1
Apple 對於 iOS 16.6.1 與 iPadOS 16.6.1 更新說明
此版本更新沒有新增加功能,根據 Apple 官方的說明主要為安全性更新,修正了圖片安全性問題,惡意製作的圖像會導致任意代碼執行。以及,修正了 Wallet 的安全性問題,惡意製作的附件會導致任意代碼執行。
以下是 Apple 對於此版本更新說明:
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A buffer overflow issue was addressed with improved memory handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School
Wallet
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A validation issue was addressed with improved logic.
CVE-2023-41061: Apple
