Apple’s latest updates patch scary Find My, Siri, Weather flaws

Macworld

After about a month, the first major updates to iOS 17, iPadOS 17, and macOS Sonoma have arrived, and they bring a few new features, tweaks, and fixes to improve your devices. But far more important are a slew of security updates to fix numerous vulnerabilities.

According to Apple’s security content page, the updates bring more than a dozen patches for new and old devices, including Macs dating back to Monterey and iPhones running iOS 15. Apple doesn’t say that any of the security flaws have been exploited in the wild, but several of them could lead to serious issues:

Find My

Impact: An app may be able to read sensitive location information

Description: The issue was addressed with improved handling of caches.

CVE-2023-40413: Adam M.

Siri

Impact: An attacker with physical access may be able to use Siri to access sensitive user data

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2023-41982: Bistrit Dahla

Weather

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-41254: Cristian Dinca of “Tudor Vianu” National High School of Computer Science, Romania

Additionally, the update squashes a handful of WebKit bugs that “may lead to arbitrary code execution” among other vulnerabilities. You can see the entire list of security patches for each update on Apple’s security releases page.

To download the update on your iPhone, head over to Settings > General > Software Update and tap Download and Install. On Ventura or Sonoma Macs, head over to System Settings then General and select Software Update. On Monterey Macs, open System Preferences and select Software Update

iOS, MacOS