Security Researchers Delve Into Major Vulnerability Patched in iOS 16.3 and macOS 13.2
With almost every iOS and macOS update, Apple includes a host of security improvements to address major vulnerabilities. iOS 16.3 and macOS Ventura 13.2, released back in January, were no exception. Both updates included fixes for a long list of issues, including two that were highlighted today in a report from Trellix.
Trellix Advanced Research Center discovered a new class of privilege execution bugs within iOS and macOS, which could be exploited to delve into an iPhone or Mac user's messages, location data, photos, call history, and more.
In a blog post highlighting how the bug was found, Trellix explains how mitigations that Apple introduced for the FORCEDENTRY zero-click exploit in September 2021 could by bypassed, allowing for a "huge range of potential vulnerabilities."
Trellix found its first vulnerability in the coreduetd process, which could be used to give an attacker access to a person's calendar, address book, and photos. Vulnerabilities in OSLogService and NSPredicate were able to be exploited to achieve code execution within Springboard, providing attackers access to the camera, microphone, call history, and more.
Data about these vulnerabilities was relayed to Apple, and the company fixed the exploits in iOS 16.3 and macOS 13.2 Ventura. Security support documents for both updates were refreshed yesterday to reflect the addition of the patches.
Trellix is credited with two vulnerabilities (CVE-2023-23530 and CVE-2023-23531) that Apple patched with improved memory handling. Trellix said that it thanks Apple for working quickly to fix the issues.
Popular Stories
Apple today announced a "special Apple Experience" in New York, London, and Shanghai, taking place on March 4, 2026 at 9:00am ET.
Apple invited select members of the media to the event in three major cities around the world. It is simply described as a "special Apple Experience," and there is no further information about what it may entail. The invitation features a 3D Apple logo design...
Apple is looking for a "breakthrough" with its push into wearable AI devices, including an "AirTag-sized pendant," according to Bloomberg's Mark Gurman.
In a report this week, he said the pendant is reminiscent of the failed Humane AI Pin, but it would be an iPhone accessory rather than a standalone product.
The pendant would feature an "always-on" camera and a microphone for Siri voice...
Back at WWDC 2025, Apple revealed that it was planning to allow CarPlay users to watch video via AirPlay in their vehicles while they are not driving, and the first beta of iOS 26.4 suggests the feature may be nearing availability.
There are several new references to CarPlay video streaming functionality within the iOS 26.4 beta's source code. The feature is not yet visible to users, but...
New trade-in data indicates that Apple's iPhone 17 Pro Max has rapidly become the single most traded-in smartphone.
According to a new report from SellCell, Apple's latest flagship iPhone has quickly risen to the top of the independent trade-in market, accounting for 11.5% of all devices appearing in the top-20 trade-in rankings just months after release. The analysis is based on SellCell...
Apple on Monday invited selected journalists and content creators to a "special Apple Experience" on Wednesday, March 4 in New York, London, and Shanghai.
At an Apple Experience, attendees are typically given the opportunity to try out Apple's latest hardware or software. Following the launch of Apple Creator Studio last month, for example, some content creators attended an Apple Experience...
