Apple today released iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2, minor updates for the iOS, iPadOS, and watchOS operating systems. The updates include bug fixes, as well as fixes for security vulnerabilities that Apple says may have already been exploited in the wild.
iOS 16.6.1 and iPadOS 16.6.1 can be downloaded on compatible iPhones and iPads, respectively, over the air by going to “Settings” -> “General” -> “Software Update.” Downloads could be slow, due to high demand. However, keep in mind that due to the security fixes in the update mean you should update as soon as possible.
watchOS 9.6.2 can be downloaded for free through the dedicated Apple Watch app on the iPhone by going to “General” -> “Software Update.” The Apple Watch needs to have at least a 50% battery charge, needs to be on a charger, and needs to be in the range of the iPhone.
The following is from Apple’s security support page:
iOS 16.6.1 and iPadOS 16.6.1
Released September 7, 2023
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A buffer overflow issue was addressed with improved memory handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School
Wallet
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A validation issue was addressed with improved logic.
watchOS 9.6.2
Released September 7, 2023
Wallet
Available for: Apple Watch Series 4 and later
Impact: A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A validation issue was addressed with improved logic.
CVE-2023-41061: Apple
