Sports and Bugs in tvOS 16.5, macOS 13.4 Ventura, iOS 16.5, iPadOS 16.5, watchOS 9.5, and HomePod Software 16.5
Baseball and soccer fans, take note! In the just-released tvOS 16.5, Apple has added multiview for the Apple TV 4K, allowing fans to watch up to four simultaneous streams, including Major League Soccer matches, “Friday Night Baseball” games, and select MLS and MLB studio shows. Apple says:
With this entirely customizable new multiview experience in the Apple TV app on Apple TV 4K, users can see the available live games displayed at the bottom of their screen, choose the ones they want to watch, and toggle between multiple layout options. Fans can also choose to display one match more prominently, or watch two to four matches in a split-screen view. Users can also control audio preferences, including the home radio feed for MLS Season Pass, and home and away radio for “Friday Night Baseball.” If a user wants to stop watching in multiview, they can quickly switch to full screen with one click.
There’s more for those who follow sports. With macOS 13.4 Ventura, iOS 16.5, and iPadOS 16.5, Apple News offers a dedicated Sports section to provide easy access to stories, scores, standings, and more. It claims to be specific to the teams and leagues you follow, but when I told it that I was only interested in running, it still insisted on showing me Top Stories about other sports. The pop-up menu in the upper-right corner lets you switch to a sport-specific view. Also, My Sports score and schedule cards in Apple News take you directly to game pages where you can find additional details about specific games.
I’ll continue pining quietly for coverage of Diamond League track meets and other exciting running events while looking at the remaining updates in this batch of Apple operating system releases.
macOS 13.4 Ventura
On the Mac side, macOS 13.4 fixes a bug that caused Screen Time settings to reset or fail to sync across devices, resolves a situation where Auto Unlock with Apple Watch fails to log you into your Mac, addresses an issue that caused Bluetooth keyboards to connect to the Mac slowly after restarting, and fixes a VoiceOver problem with navigating to landmarks on Web pages.
I haven’t experienced the Auto Unlock with Apple Watch problems, but I’ve become utterly addicted to the feature and evangelize it whenever possible, so it’s good to hear that Apple is addressing problems there.
iOS 16.5 and iPadOS 16.5
iOS 16.5 and iPadOS 16.5 both address an issue where Spotlight may become unresponsive and participate in the Screen Time fix.
iOS 16.5 also includes a new Pride Celebration wallpaper for the Lock Screen and jumpstarts Podcasts in CarPlay to ensure that it loads content.
Apple’s release notes for watchOS 9.5 are unsatisfying. Although they claim that “watchOS 9.5 includes new features, improvements, and bug fixes,” the only thing Apple describes is a new Pride Celebration watch face. If you love it, there’s a matching Pride Edition Sport Band.
HomePod Software 16.5
Even more terse are the release notes for HomePod Software 16.5, which fall back on “This update includes performance and stability improvements.” And electrons. So many electrons.
Security Notes Explain Rapid Security Response Changes
Each of the operating system updates comes with a slew of fixes for security vulnerabilities:
- tvOS 16.5: 28 vulnerabilities
- iOS 16.5 and iPadOS 16.5: 39 vulnerabilities
- macOS 13.4: 49 vulnerabilities
- watchOS 9.5: 32 vulnerabilities
Most notable among the security notes are descriptions of three WebKit vulnerabilities that Apple says are being actively exploited, two of which were addressed by the first Rapid Security Response updates (see “What Are Rapid Security Responses and Why Are They Important?” 2 May 2023). One was the usual “Processing maliciously crafted web content may lead to arbitrary code execution,” but the other was a more interesting “Processing web content may disclose sensitive information.” Both were credited to an anonymous researcher, but don’t you want to know the story behind them? Maybe Apple does too.
Now we know why Apple didn’t publish any release notes for the Rapid Security Responses. The vulnerabilities addressed also existed in tvOS 16, watchOS 9, and the older iOS 15 and iPadOS 15 (see “iOS 15.7.6 and iPadOS 15.7.6 Incorporate Rapid Security Response Fixes,” 18 May 2023). Apple never discusses security vulnerabilities until all the updates for those vulnerabilities are available.
Remember how I timed the installation of the Rapid Security Responses to see how much downtime they would entail? My M1 MacBook Air and iPhone 14 Pro both took about 4 minutes before they were usable again. In contrast, installing the 1.59 GB macOS 13.4 update on the MacBook Air took 20 minutes, and updating the iPhone 14 Pro to iOS 16.5 took 29 minutes. I lost track of how long my 10.5-inch iPad Pro took and couldn’t spare the time away from writing to update my 27-inch iMac. I remain a fan of Rapid Security Responses and encourage you to install any future ones immediately.
Since only two of the three zero-day WebKit vulnerabilities were addressed by the Rapid Security Responses, I encourage you to install all of these updates soon. The impact of the third WebKit vulnerability is “A remote attacker may be able to break out of Web Content sandbox.” That sounds bad, and the fact that one of the security researchers reporting it works for Amnesty International’s Security Lab suggests that it may be exploited by the likes of the Pegasus spyware.
Well the fact that I need to install the RSR and the 13.4 update (in order to get rid of the badge, since there’s no option like there used to be to shush update indications), means I save actually nothing at all.
Now I get two reboots instead of one.
Sure, supposedly there’s something being exploited in the wild that’s big, bad, and threatening, and imperils my bodily safety, but all I have for that is Apple’s word. The same Apple that has a vested interest in everybody immediately installing whatever update they put out there. I know their marketing folks love to trumpet their update figures so I’d be a fool to just take their word for it as being in my best interest. I’ll also note that not a single one of the reported “fixes” is anything I’ve ever encountered before. OTOH several of the bugs I have noticed and reported (and we’ve discussed right here) are not listed.
Bottom line: I’m not joining the cheering bandwagon. I still need to wait for macOS 14 to see if the most annoying bugs get fixed and I’m still left rebooting my Mac and waiting ~30 min for it to recover from a system update (despite having one of the fastest CPUs available) that does nothing for me.
Skeptics of Apple’s security announcements can check here for additional confirmation:
A listserv that announces new threats as soon as they are added to the Catalog by CISA can be joined here:
Further, a good non-governmental source for infomation about Mac security, in addition to TidBITS, is The Eclectic Light Company, which is run by a well respected Mac technologist:
No, installing 13.4 is all you need now. The RSR has been removed from the update server since it’s patches have been confirmed as contained in 13.4.
That’s because the installer includes a firmware update.
No, you also have the word of Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab, who notified Apple of the attack, according to the security documentation and there are also CVE’s that may give you additional information about the flaw and it’s severity.
They talk about this with regards to major OS updates mainly in a developer context, to encourage the use of new APIs/features, etc. But these point updates which are largely about security are definitely in our best interests and are not part of some underhanded plot by Apple. It is literally Apple trying to fix mistakes in its OS (whether or not an individual’s pet bug gets addressed).
I was in the middle of reporting the following to Apple, when the complication suddenly appeared on my watch. It appeared right after I enabled screenshots on the watch from my phone. Coincidence? Cause and effect? The complication now displays and works on the watch, but it does not display on the Infograph face in the “My Faces” list. But, it does display on the Infograph face when it is selected for editing. Really crazy.
I really don’t think marketing folks are going to do a big campaign around how quickly 13.4 is adopted.
Apple doesn’t doesn’t charge for updates, and they don’t have any history of requirements that would force users to install an upgrade. IIRC they do have a history of developing upgrades that cover older devices longer than Google, etc.’s Android stuff does. And Apple is known for very quickly addressing safety threats.
And iPhones, iPads and Macs play very nicely with one another. Cooperation between different Android and Microsoft ecosystems is reputed not to be nearly as seamless or updates available as frequently. And Apple devices are known for having stronger privacy controls. Apple’s revenue streams aren’t focused on advertising. They do collect very little information, and they do not sell what data they collect.
Meh. Not a sports fan so no rush to add features I don’t/won’t use. Ditto watch faces as I have too many now that I’ll never use.
To correct my previous post…Apple Sports does collect information and uses it to sell advertising just for their very recently purchased Apple TV+ Major League Baseball acquisition:
Legal - My Sports & Privacy - Apple.
Comparatively speaking, they collect a microscopic amount of info, and it is focused on live MLB. It has nothing to do with sharing tracking on time or off time information, or browsing, outside calling or history, etc. But future remains to be seen.
Join the discussion in the TidBITS Discourse forum