Security Researchers Delve Into Major Vulnerability Patched in iOS 16.3 and macOS 13.2

With almost every iOS and macOS update, Apple includes a host of security improvements to address major vulnerabilities. iOS 16.3 and macOS Ventura 13.2, released back in January, were no exception. Both updates included fixes for a long list of issues, including two that were highlighted today in a report from Trellix.

iOS 16
Trellix Advanced Research Center discovered a new class of privilege execution bugs within iOS and macOS, which could be exploited to delve into an iPhone or Mac user's messages, location data, photos, call history, and more.

In a blog post highlighting how the bug was found, Trellix explains how mitigations that Apple introduced for the FORCEDENTRY zero-click exploit in September 2021 could by bypassed, allowing for a "huge range of potential vulnerabilities."

Trellix found its first vulnerability in the coreduetd process, which could be used to give an attacker access to a person's calendar, address book, and photos. Vulnerabilities in OSLogService and NSPredicate were able to be exploited to achieve code execution within Springboard, providing attackers access to the camera, microphone, call history, and more.

Data about these vulnerabilities was relayed to Apple, and the company fixed the exploits in iOS 16.3 and macOS 13.2 Ventura. Security support documents for both updates were refreshed yesterday to reflect the addition of the patches.

Trellix is credited with two vulnerabilities (CVE-2023-23530 and CVE-2023-23531) that Apple patched with improved memory handling. Trellix said that it thanks Apple for working quickly to fix the issues.

Top Rated Comments

Realityck Avatar
15 months ago

apple stans in panic mode after realizing the walled garden is useless
MacOS is not a walled garden.
Score: 31 Votes (Like | Disagree)
NT1440 Avatar
15 months ago

It's us users who pay the price for Apple's recent lack of software quality
Show me one piece of software that doesn’t have bugs and I’ll show you a piece of software that just hasn’t been examined enough.

This is the world of modern software, millions of interacting libraries, improper error checking in places that no one should be able to get to but a different exploit was found to allow for it, etc.

This isn’t an obvious “password is in plaintext” kind of security flaw. This is a chain of flaws. This is how the world works now.
Score: 30 Votes (Like | Disagree)
I7guy Avatar
15 months ago
I guess according every other vendor in the world writes code that is 100% bug free with no vulnerabilities.:rolleyes:
Score: 28 Votes (Like | Disagree)
madmin Avatar
15 months ago
It's us users who pay the price for Apple's recent lack of software quality
Score: 22 Votes (Like | Disagree)
rgwebb Avatar
15 months ago

It's us users who pay the price for Apple's recent lack of software quality
Weird takeaway from a story about Apple rapidly responding to a white hat security team's notification of vulnerabilities.
Score: 20 Votes (Like | Disagree)
citysnaps Avatar
15 months ago

I guess according every other vendor in the world writes code that is 100% bug free with no vulnerabilities.:rolleyes:
It's astonishing so many people believe that's true.

Apparently everything else in their lives marches to 100.0% perfection 100.0% of the time.
Score: 17 Votes (Like | Disagree)

Popular Stories

iPhone 16 Camera Lozenge 2 Colors

iPhone 16 Plus Rumored to Come in These 7 Colors

Wednesday April 10, 2024 3:52 am PDT by
Apple's iPhone 16 Plus may come in seven colors that either build upon the existing five colors in the standard iPhone 15 lineup or recast them in a new finish, based on a new rumor out of China. According to the Weibo-based leaker Fixed focus digital, Apple's upcoming larger 6.7-inch iPhone 16 Plus model will come in the following colors, compared to the colors currently available for the...
apple tv 4k yellow bg feature

When to Expect a New Apple TV to Launch

Tuesday April 9, 2024 8:30 am PDT by
It has been nearly a year and a half since the current Apple TV was released, so the device is becoming due for a hardware upgrade. Below, we recap rumors about the next Apple TV, including potential features and launch timing. The current model is the third-generation Apple TV 4K, announced in October 2022. Key new features compared to the previous model from 2021 include a faster A15...
apple silicon feature joeblue

Macs to Get AI-Focused M4 Chips Starting in Late 2024

Thursday April 11, 2024 10:10 am PDT by
Apple will begin updating its Mac lineup with M4 chips in late 2024, according to Bloomberg's Mark Gurman. The M4 chip will be focused on improving performance for artificial intelligence capabilities. Last year, Apple introduced the M3, M3 Pro, and M3 Max chips all at once in October, so it's possible we could see the M4 lineup come during the same time frame. Gurman says that the entire...
iOS 18 WWDC 24 Feature 2

iOS 18 May Feature All-New 'Safari Browsing Assistant'

Wednesday April 10, 2024 6:11 am PDT by
iOS 18 will apparently feature a new Safari browsing assistant, according to backend code on Apple's servers discovered by Nicolás Álvarez. MacRumors contributor Aaron Perris confirmed that the code exists, but not many details are known at this time. Álvarez said it seems like the browsing assistant will use iCloud Private Relay's infrastructure to send relevant data to Apple in a...

Review: Six Months With the iPhone 15 Pro

Wednesday April 10, 2024 10:53 am PDT by
It's been a bit over six months since the iPhone 15 lineup came out in September, and MacRumors videographer Dan Barbera has been using an iPhone 15 Pro Max sans case since launch. Over on our YouTube channel, Dan did a long term review to demo how his phone has held up and his thoughts on the Action button, battery life, and camera features. Subscribe to the MacRumors YouTube channel for more ...
iPhone 16 Pro Sizes Feature

Alleged iPhone 16 Battery Details Show Smaller Capacity for One Model

Tuesday April 9, 2024 3:46 am PDT by
Apple's upcoming iPhone 16 lineup will feature bigger battery capacities compared to previous-generation models with the exception of the iPhone 16 Plus, which will have a smaller battery than its predecessor. That's according to the Chinese Weibo-based leaker OvO Baby Sauce OvO, a relatively new source of supply chain leaks with an as-yet unproven track record for accuracy. The iPhone 16 ...