Apple has updated all its active operating systems to address (in varying combinations) three security vulnerabilities, all of which are actively being exploited in the wild. The most concerning of the three vulnerabilities affects the kernel and thus cuts across all Apple operating systems, new and old. macOS, iOS, and iPadOS also receive fixes for a WebKit vulnerability, and iOS 15.7.7 and iPadOS 15.7.7 plug yet another WebKit vulnerability that has presumably been addressed in newer versions but afflicts versions prior to 15.7.
The affected operating systems include:
- iOS 16.5.1 and iPadOS 16.5.1
- iOS 15.7.7 and iPadOS 15.7.7
- macOS Ventura 13.4.1
- macOS Monterey 12.6.7
- macOS Big Sur 11.7.8
- watchOS 9.5.2
- watchOS 8.8.1
Neither tvOS nor HomePod Software are included at the moment. It’s possible the exploits can’t affect them, or perhaps Apple will release updates for them shortly as well.
iOS 16.5.1 and iPadOS 16.5.1 also fix a bug that prevented charging with the Lightning to USB 3 Camera Adapter. It must have been waiting in the wings such that it could hop a ride with this set of security updates.
Although it’s difficult to determine the severity of any given security vulnerability, Apple’s language about active exploits against new and old versions, coupled with the release of so many updates at once—even watchOS 8.8.1 for the Apple Watch Series 3—suggests these vulnerabilities are especially concerning. Update as soon as you reasonably can.