Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals
No comments

OS Security Updates Plug Image and Wallet Vulnerabilities

Security updates for Apple’s core operating systems aim to plug two vulnerabilities actively being exploited in the wild. In the first vulnerability, processing a maliciously crafted image could lead to arbitrary code execution; it affects macOS, iOS, and iPadOS. In the second, the Wallet app could allow arbitrary code execution when processing a maliciously crafted attachment; it affects iOS, iPadOS, and watchOS. Apple doesn’t list any other changes in these updates:

I recommend updating using Software Update as soon as is convenient—it’s dangerous to ignore vulnerabilities that could be weaponized through simple and easily automated email and text messages.

It’s too bad Apple didn’t address these vulnerabilities with Rapid Security Response updates that are so much faster to install and easily reverted. The need for a watchOS update may be why, given that Rapid Security Responses are available only for macOS, iOS, and iPadOS (see “What Are Rapid Security Responses and Why Are They Important?” 2 May 2023).

Apple hasn’t indicated whether these image and Wallet vulnerabilities also affect older versions of its operating systems, but I wouldn’t be surprised to see additional updates.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.

Comments About OS Security Updates Plug Image and Wallet Vulnerabilities