Apple has launched iOS 17.3, alongside with a warning to replace now. That’s due to the fact iOS 17.3 fixes sixteen safety issues, one of which is already being used in actual lifestyles attacks.

Apple doesn’t supply a great deal element about what’s constant in iOS 17.3, to enable as many iPhone customers as viable to replace their gadgets earlier than extra attackers can get preserve of the details.

Tracked as CVE-2024-23222, the already-exploited problem in iOS 17.3 is a vulnerability in WebKit, the engine that underpins Apple’s Safari browser, that may want to enable an attacker to execute code. “Apple is conscious of a file that this problem may additionally have been exploited,” the iPhone maker stated on its aid page.

Apple additionally constant three greater WebKit flaws as section of the iOS 17.3 safety upgrade, two of which may want to lead to code execution. Another iOS 17.3 repair well worth noting is a Kernel flaw tracked as CVE-2024-23208, which should permit an adversary to execute arbitrary code with Kernel privileges by using an app.

The iOS 17.3 safety fixes come after Apple has issued quite a few emergency updates, some of which patch flaws being used in adware attacks. These see adversaries compromise iPhones with the aid of so-called “zero-click” assaults requiring no interaction from the user, frequently utilising flaws in WebKit.

It is uncommon for Apple to encompass an pressing fix—ie one that’s already being used in attacks—as phase of a predominant factor improve such as iOS 17.3. This may want to be due to a variety of things, however it’s possibly simply coincidental timing.