update safari to 16.3

You are using an outdated browser. Please upgrade your browser to improve your experience.

Big Safari & Kernel issues fixed in iOS 16.3.1, macOS 13.2.1 updates

16-inch MacBook Pro

Apple introduced small incremental updates across its software ecosystem on Monday, with iOS 16.3.1 , iPadOS 16.3.1 , and macOS 13.2.1 available to download by the public.

Following the release, Apple has published details about the security content of each update , with a lot of crossover between the three operating systems.

The first, a Kernel issue, impacts all three updates, and is described as one where "an app may be able to execute arbitrary code with kernel privileges. The fix addressed a "use after free issue" by adding "improved memory management.

Identified as CVE-2023-23514, the issue was declared by Xinru Chi of Pangu Lab and Ned Williamson of Google Project Zero.

The second, a WebKit problem, is listed as impacting all of the operating systems, as well as Safari itself. Under the issue, "processing maliciously crafted web content may lead to arbitrary code execution."

Apple adds that it is "aware of a report that this issue may have been actively exploited." It has since been fixed with "improved checks."

It is identified as CVE-2023-23529, and was found by "an anonymous researcher.

The last issue is for Shortcuts, and specifically affects macOS Ventura . Under the issue, an app "may be able to observe unprotected user data," which was fixed with "improved handling of temporary files."

CVE-2023-23522 was found by Wenchao Li and Xiaolong Bai of Alibaba Group.

Sponsored Content

Bluetti AC240 portable power station pushes the boundaries with IP65 waterproof rating

Top stories.

Beyond TSMC, how Apple's supply chain will be disrupted by the Taiwan earthquake

Apple's next big thing could be a home robot

Google could charge Apple users for AI tools in iOS 18

External drive support in macOS Sonoma is partially broken, and it's probably Apple's fault

macOS 15 will get a big AI boost: what to expect at WWDC 2024

Featured deals.

This best-selling M3 MacBook Pro 14-inch with 16GB RAM is on sale for $1,599

Latest comparisons.

M3 15-inch MacBook Air vs M3 14-inch MacBook Pro — Ultimate buyer's guide

M3 MacBook Air vs M1 MacBook Air — Compared

M3 MacBook Air vs M2 MacBook Air — Compared

Latest news.

iPhone 16 dummy units show off Capture button, new camera bump

A range of small design tweaks are coming to iPhone 16 and iPhone 16 Pro, and some dummy units used by case makers provide a first glance at what's coming.

How to always have recently-opened items at your fingertips

Your most recently-opened files are easily accessible from multiple places on a Mac, making it easy to get back to them.

Apple Music, TV+, other services were down

Apple's system status page showed 11 outages across its services including Apple Music, Apple Arcade, Apple TV+, and the App Store.

Rumors suggest Google is looking to offer premium generative AI features just as Apple is allegedly planning an AI App Store for iOS 18.

Beyond TSMC, Apple's supply chain will be disrupted by the Taiwan earthquake

The Taiwan earthquake will cause issues for a number of Apple suppliers beyond TSMC, but the supply chain's impact probably won't be severe long-term, thanks to globalization. Here are some of Apple's suppliers that the company will need to keep an eye on for a while.

An Apple robotics division has risen from the ashes of the Apple Car and wants to build an autonomous robot companion for your home.

Apple Vision Pro gains Niantic tech to open up more AR experiences

Niantic will be supporting the Apple Vision Pro with its 8th Wall Metaversal Deployment, which could make it easier for developers to bring WebAR experiences to Apple's mixed-reality headset.

Amazon's $89 AirPods deal delivers best price available

Amazon's fresh AirPods price drop delivers a $40 discount on the most affordable entry into Apple's AirPods line.

Apple Savings gets first ever interest rate cut

As of April 3, 2024, the annual percentage yield for Apple Savings account users is 4.4%, down from its previous high of 4.5% set in January.

How third-party App Stores will look to users in the EU

While EU users wait for the launch of new third-party app stores for the iPhone, the developer behind AltStore has demonstrated how they will all work.

Latest Videos

Apple Ring rumors & research - what you need to know about Apple's next wearable

WWDC 2024 will show off Apple's AI efforts on June 10

iPhone 15 Pro Max review six months later: Still an exciting upgrade

Latest reviews.

TP-Link Tapo Indoor cameras review: affordable HomeKit options with in-app AI tools

ShiftCam LensUltra Deluxe Kit review: Upgrade your iPhone photo shooting game

Keychron Q1 Max review: cushy, comfortable, costly

{{ title }}

{{ summary }}

About the security content of Safari 16.3

This document describes the security content of Safari 16.3.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the  Apple security updates  page.

Apple security documents reference vulnerabilities by  CVE-ID  when possible.

For more information about security, see the  Apple Product Security  page.

Safari 16.3

Released January 23, 2023

Available for: macOS Big Sur and macOS Monterey

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 245464 CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming Wang, JiKai Ren and Hang Shu of Institute of Computing Technology, Chinese Academy of Sciences

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 248268 CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE

WebKit Bugzilla: 248268 CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE

Additional recognition

We would like to acknowledge Eliya Stein of Confiant for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Start a discussion in Apple Support Communities

Apple fixes a few annoyances with iOS 16.3.1, iPadOS 16.3.1, macOS 13.2.1, watchOS 9.3.1 and tvOS 16.3.2

Release notes for iOS and iPadOS 16.3.1, macOS 13.2.1, watchOS 9.3.1 and tvOS 16.3.2 reveal bug fixes related to iCloud, Siri on HomePod and more.

On February 13, 2023, Apple released some updates for its iPhone, iPad, Mac, Apple Watch and Apple TV hardware. Instead of outward-facing new user features, the updates focus on fixing a few annoying bugs that users have complained about.

For instance, one of the patches in iOS 16.3.1 resolves an issue where Siri on HomePod would cause some HomeKit requests to fail or time out. macOS Ventura 13.2.1 includes security patches for the system kernel, the Shortcuts app and WebKit. The kernel and WebKit fixes are also part of watchOS 9.3.1 and tvOS 16.3.2.

What’s new in iOS 16.3.1?

iOS 16.3.1 provides bug fixes for the iCloud section in the Settings app being unresponsive or incorrectly displaying whether apps are using iCloud.

There are also fixes for when Siri requests for the Find My app wouldn’t work. iOS 16.3.1 also optimizes the iPhone 14’s Crash Detection, likely to address skiers accidentally triggering the feature. The security patches in iOS 16.3.1 resolve a pair of vulnerabilities related to the kernel and Safari’s WebKit engine.

To install iOS 16.3.1 on your iPhone, go to Settings → General → Software Update , then hit Install Now or Download and Install . To apply the update, you must enter your iPhone’s passcode and the device must be connected to a Wi-Fi network.

What’s new in iPadOS 16.3.1?

iPadOS 16.3.1 sports the same iCloud and Siri-related fixes as iOS 16.3.1, including patches for the kernel and WebKit vulnerabilities that could permit an attacker to execute arbitrary code via a rogue app or maliciously crafted web content. Apple says it’s aware of a report that the WebKit issue may have been actively exploited.  To update your iPad , open Settings → General → Software Update .

What’s new in macOS Ventura 13.2.1?

The official release notes for macOS Ventura 13.2.1 don’t reveal much about the update beyond stating that it provides “important bug fixes and security updates for your Mac,” including patches for the kernel, Shortcuts and WebKit issues.

The kernel and WebKit patches are the same as in iOS 16.3.1. A fix for the Shortcuts app patches an exploit that could allow an app to observe unprotected user data. Apple fixed this privacy problem with “improved handling of temporary files.”

To install macOS Ventura 13.2.1, click the Apple menu, select   System Settings , and then navigate to General → Software Update . If you see the macOS Ventura 13.2.1 update listed, click the button to install it.

What’s new in watchOS 9.3.1?

watchOS 9.3.1 includes unspecified bug fixes and security updates. Apple hasn’t provided release notes for the update, but we’ll update the article with a list of changes as soon as the official changelog has been published on Apple’s website.

To install watchOS 9.3.1 directly on your Apple Watch, go to Settings → General → Software Update , then hit Install and follow the onscreen instructions. You can also update your Apple Watch through your iPhone by opening the companion Watch app and navigating to My Watch → General → Software Update .

To install the update, your watch must be plugged into power, have at least fifty percent battery, be connected to a Wi-Fi network and nearby its paired iPhone.

What’s new in tvOS 16.3.2?

Official details were unavailable at publication time, but it would seem that tvOS 16.3.2 brings the same security updates to your Apple TV HD and Apple TV 4K as iOS 16.3.1. To update your Apple TV manually, go to Settings → System → Software Updates and select Update Software . If you see a tvOS 16.3.1 update listed there, choose Download and Install . Keep your Apple box connected and plugged into power until the update is complete.

What’s new in HomePod software 16.3.2?

iOS 16.3.2 also includes updates for your HomePod and HomePod mini devices. Aside from general performance and stability improvements, HomePod software 16.3.2 focuses on fixing a HomeKit-related issue where asking Siri on HomePod to control your smart home appliances would time out or completely fail.

To update your Apple smart speaker, open the Home app on your iPhone, iPad or Mac, then hit the … (ellipsis) menu and choose Home Settings → Software Update . If there’s a new update, hit the Update button to download and install it.

Relevant Apple support documents

As is the case for other Apple OS updates, the new software is supported by technical documents on Apple’s website, which contain the official release notes, the contents of security updates and so on.

• iOS 16.3.1 release notes
• iPadOS 16.3.1 release notes
• macOS Ventura 13.2.1 release notes
• tvOS 16.3.2 release notes
• watchOS 9.3.1 release notes
• HomePod software 16.3.2 release notes
• Apple security updates

Should I update to iOS 16.3.1? Here's what Apple's newly updated software does

Have you updated your iPhone yet?

Apple has released iOS 16.3.1, an update to its operating system that fixes a security vulnerability that hackers may have exploited in the wild. 

According to Apple's support page, the bug was in  WebKit , the web browser engine used by Safari. The problem could allow an attacker to execute code on someone's device.

iOS 16.3.1 also fixes an issue in the Kernel at the core of the operating system that could allow an app to execute arbitrary code with kernel privileges. 

The update comes just weeks after the release of iOS 16.3 , which added the ability to use security keys for two-factor authentication. 

Apple said the issues affect iPhone 8 models and later. It also released  macOS 13.2.1, iPadOS 16.3.1 and Safari 16.3.1 security updates.

Your iPhone Face ID is vulnerable: Change the Face ID setting, or anyone can get into your iPhone

iOS 16.3: Here are the new features coming to your iPhone

What else is new in iOS 16.3.1?

iOS 16.3.1 promises to improve Crash Detection  on iPhone 14 and iPhone 14 Pro models. 

Crash Detection is a feature that alerts emergency services if your iPhone 14 detects a "severe car crash" and is on by default. 

It also brings fixes to iCloud settings and Siri requests for Find My. 

Google's answer to ChatGPT:  Here's what you need to know about its new AI chatbot

Talking Tech: Subscribe to get the latest tech news

How to update your iPhone to iOS 16.3.1

To update your iPhone manually, go to Settings, click on General and select Software Update.

If you have your device set to automatic updates, your iPhone will download and install the update overnight while charging and connected to Wi-Fi. 

To install updates automatically, go to Settings, click on General, select Software Update and enable automatic updates.

• Mobile Site
• Staff Directory
• Advertise with Ars

Filter by topic

• Biz & IT
• Gaming & Culture

Front page layout

update now —

Apple releases ios 16.3.1 and other updates with fix for “actively exploited” bug, also includes fixes for iphone 14 crash detection, siri, and icloud bugs..

Andrew Cunningham - Feb 13, 2023 8:51 pm UTC

Apple is releasing minor updates to all of its major software platforms today to address one high-priority security vulnerability and to fix a handful of other device- and service-specific issues. The iOS 16.3.1 , iPadOS 16.3.1, and macOS 13.2.1 updates all patch an "actively exploited" arbitrary code execution vulnerability in WebKit/Safari, and a second kernel vulnerability that isn't known to be actively exploited.

Those updates also fix an issue that could cause iCloud to become unresponsive and a Siri bug that was keeping it from working properly with the Find My feature. A HomePod 16.3.2 OS update also fixes some Siri problems that could cause smart home requests to fail. Detailed release notes aren't available for watchOS 9.3.1 or tvOS 16.3.2, but those updates are also available to download and presumably fix similar problems.

For iPhone 14 models, the iOS 16.3.1 update makes further tweaks to the Crash Detection safety feature. Meant to automatically contact first responders in the event of a car crash or sudden fall, Crash Detection has also made headlines for the false positives that it can generate— riding rollercoasters , skiing , dropping the phone at high velocities, and other activities have all set off Crash Detection.

Further Reading

For users of older Apple devices, there is a Safari update available for macOS Big Sur and Monterey to fix the WebKit bug, but no equivalent iOS 15 or iPadOS 15 update for older iPhones and iPads, and no documented fix for the kernel issue in any of these older operating systems. We've asked Apple whether these OS versions are vulnerable to these bugs and, if so, whether the company plans to release an update for them. We'll update the article if we receive a response.

reader comments

Channel ars technica.

The Best Way Yet to Measure Browser Performance">Speedometer 3.0: The Best Way Yet to Measure Browser Performance

Mar 11, 2024

by Ryosuke Niwa

As announced on browserbench.org today, in collaboration with other browser engine developers, Apple’s WebKit team is excited to introduce Speedometer 3.0 , a major update that better reflects the Web of today. It’s built together by the developers of all major browser engines: Blink, Gecko, and WebKit with hundreds of contributions from companies like Apple, Google, Intel, Microsoft, and Mozilla. This post is a deep dive into how the collaborative Speedometer project improved the benchmark’s measurements methods and test content.

To recap history, in 2014, the WebKit team at Apple released the Speedometer browser benchmark , designed to measure the responsiveness of websites and web apps.

The original Speedometer simulated user interactions in web applications, driving TodoMVC sample apps written using different JavaScript frameworks to add, complete, and remove todo items. It was unlike other DOM or web app benchmarks publicly available at the time. These older benchmarks were mostly collections of micro-benchmarks, and didn’t reflect how DOM APIs were used in real web apps, or how individual APIs interacted with the rest of the web browser engine. Speedometer quickly became an important tool for performance measurement and tuning not just in WebKit but also in other browser engines.

In 2018 the WebKit team, in collaboration with Google’s Chrome team, released Speedometer 2.0 , updated to use the latest frameworks and libraries available at the time. The Speedometer benchmark has since gained even more popularity among browser engines as a guide for optimization, and among independent testers and reviewers to compare different devices, operating systems, and browsers.

Today’s release of Speedometer 3.0 marks a major step forward in web browser performance testing. It improves the accuracy of measurement and measures the performance of a wide variety of contents.

Cross-Browser Collaboration

Speedometer 3.0’s release is a result of the collaboration among browser developers to improve the Web as a whole together. Much as Interop 2024 represents joint work to test and improve standards compliance, Speedometer 3.0 is a joint effort to test and improve browser performance.

Where previous Speedometer versions were developed as part of the WebKit project, Speedometer 3.0 has been developed and released under a joint multi-stakeholder governance model including the three major engine browsers: Blink, Gecko, and WebKit, and the repository has received hundreds of open source contributions since the original announcement in December 2022 . This collaboration better ensures fairness in measurement and workload composition. And together, the group created a shared vision for the benchmark.

Improved Test Harness

We’ve improved the way Speedometer measures runtime performance. Prior Speedometer versions measured the time to run a test script synchronously as “sync” time; and the time until a zero-delay timer scheduled at the end of “sync” work fires as “async” time, as shown in the following diagram:

However, this method sometimes misses important work that browser engines do in response to script-driven changes, because synchronous tasks and the zero-delay timer are scheduled without considering the timing of rendering updates. It also didn’t capture any work frameworks delay until the next requestAnimationFrame (rAF) callback, a common technique in modern frameworks. The following diagram illustrates how important work could be missed by the time calculations.

Speedometer 3.0 takes advantage of the fact that all browser engines have adopted the HTML5 event loop model for updating the webpage rendering. It measures test scripts within a requestAnimationFrame callback as “sync” time, and the time to fire zero-delay timer scheduled in a second requestAnimationFrame as “async” time:

Because the zero-delay timer is now scheduled in a second requestAnimationFrame, it’s guaranteed to be fired after all the zero-delay timers scheduled during the synchronous portion of the test had fired. Thanks to HTML5’s event loop processing model, browser engines update the rendering of web pages after all requestAnimationFrame are called before the next zero-delay timer fires. These changes greatly improved Speedometer’s ability to accurately measure the runtime of synchronous work and asynchronous work browsers do in response to script that handles user events.

The test harness has also been rewritten to use modern JavaScript features like modules, native promises, let & const, async & await, and class syntax, which were not widely available at the time Speedometer 1.0 was first written.

Like its precursors, Speedometer 3.0 sums up the runtime taken to simulate user actions such as adding todo items, completing them, and removing them per each workload, and computes the geometric mean of the totals across different workloads. The final score is calculated as the arithmetic mean of the reciprocal of the geometric mean:

Adjustment to Score

Since Speedometer’s benchmark content was last updated in 2018, web browsers have gotten increasingly better at handling Speedometer content. Moreover, new hardware, such as Apple Silicon Macs, continues to push the boundary of what’s possible in computing. Where originally scores were scaled to be under 100, modern browsers now can score over 500 on the fastest devices. To make scores easier to compare and to make room for future improvements, we’ve adjusted the score so that a typical web browser will get a score in the 20-30 range to start out.

Updated UI Frameworks

Now let’s take a look at the test content in Speedometer 3. Like the past versions of Speedometer, version 3.0 includes TodoMVC-based todo apps that emulate adding, completing, and removing todo items. To better represent the modern Web, the most widely used JavaScript UI frameworks were identified from the HTTP Archive in March 2023:

The monthly downloads in NPM was also taken into account to find frameworks with high momentum:

Based on these data points, we’ve included the following JavaScript frameworks in our todo apps: Angular , Backbone , jQuery , Lit , Preact , React , React+ Redux , Svelte , and Vue . For each framework, the most commonly used version at the time was picked. Todo implementations written in vanilla JavaScript using ES5, ES6, and web components are also included.

Complex DOM Versions

In addition, Speedometer 3.0 includes “complex DOM” versions of some of the TodoMVC applications. In these complex DOM versions, each todo app is embedded inside a UI structure which mimics a web application with many deeply nested DOM nodes and plenty of CSS rules. Even though the benchmark still emulates the same set of operations, doing so in the context of more DOM elements and CSS rules adds work and captures additional performance bottlenecks.

In order to ensure the variety of performance scenarios to be tested, Speedometer 3.0 includes 6 simple DOM todo applications and 6 complex DOM todo applications.

Broader Content

Together, these changes to todo apps dramatically improved the coverage of the benchmark. But Speedometer 3.0 takes it a step further and includes entirely new kinds of applications.

Speedometer 3.0 includes two test apps that mimic typical news sites, built using the popular single page application frameworks Next.js and Nuxt . It emulates user actions such as clicking on menu items and navigating to another page in the single page app setup.

Speedometer 3.0 also includes four charting applications based on Observable Plot , chart.js , React stockcharts , and WebKit’s performance dashboards . Observable Plot and React Stockcharts are based on D3 and test manipulating SVG-based graphics. Chart.js and WebKit’s performance dashboards test drawing canvas-based graphics.

Finally, Speedometer 3.0 has added two text editing applications: a JavaScript code editor built with CodeMirror and a WYSIWYG editor built with TipTap . In both scenarios, it emulates the steps to create a new editable region, loading a large amount of text, and syntax highlighting or boldening text:

The addition of these new applications dramatically broadens the scope of what Speedometer 3.0 measures, and provide new opportunities for browser engines to optimize a broad spectrum of features like JavaScript, style, layout, graphics, and DOM.

Future Work

Today marks a remarkable milestone for the Web platform. Speedometer 3.0 sets a whole new standard for measuring web browser performance. As browser developers optimize their engines, this will expand the horizon of what Web developers can achieve in the years to come. Because the goal of the Speedometer benchmark is to reflect the real-world Web as much as possible, we’re expecting this benchmark to evolve over time. We’ll be regularly updating the list of frameworks to be tested, and periodically updating the tested framework’s versions to reflect the real world usage. You can try Speedometer 3 benchmark on browserbench.org . If you have any feedback or questions, feel free to file issues on Github .

• a. Send us an email
• b. Anonymous form
• Buyer's Guide
• Upcoming Products
• Tips / Contact Us
• Podcast Instagram Facebook Twitter Mastodon YouTube Notifications RSS Newsletter

iOS 16.3 Now Available for Your iPhone With These 4 New Features

Apple released iOS 16.3 in late January following nearly six weeks of beta testing. The software update is available for the iPhone 8 and newer, and while it is a relatively minor update, it still includes a handful of new features, changes, and bug fixes.

Security Keys for Apple IDs

Apple does not plan to release its own hardware security keys. The feature relies on third-party security keys available from brands like Yubico, such as the YubiKey 5Ci , which has both Lightning and USB-C connectors for use with iPhones, iPads, and Macs.

Advanced Data Protection (Worldwide)

By default, Apple stores encryption keys for some iCloud data types on its servers to ensure that users can recover their data if they lose access to their Apple ID account. If a user enables Advanced Data Protection, the encryption keys are deleted from Apple's servers and stored on a user's devices only, preventing Apple, law enforcement, or anyone else from accessing the data, even if iCloud servers were to be breached.

All of a user's devices must be updated to software versions that support Advanced Data Protection in their country to use the feature. Outside the U.S., this includes iOS 16.3, iPadOS 16.3, macOS 13.2, tvOS 16.3, and watchOS 9.3.

Black Unity Wallpaper

Available in 41mm and 45mm sizes, the $49 band features the word "Unity" woven into the fabric with red, green, and black yarns that pay homage to the Pan-African flag, according to Apple. The band is available to order on Apple's online store.

Second-Generation HomePod Support

The new HomePod features two fewer tweeters and two fewer microphones than the original, an S7 chip for computational audio, a U1 chip for handing off music from an iPhone, and a new temperature and humidity sensor. The speaker remains controlled with Siri and supports Matter for compatibility with HomeKit and other smart home accessories.

The new HomePod can be ordered on Apple's online store for $299 in the U.S. and select other countries, with white and midnight color options available.

iOS 16.3 Release Notes

This update includes the following enhancements and bug fixes: - New Unity wallpaper honors Black history and culture in celebration of Black History Month - Security Keys for Apple ID allow users to strengthen the security of their account by requiring a physical security key as part of the two factor authentication sign in process on new devices - Support for HomePod (2nd generation) - Emergency SOS calls now require holding the side button with the up or down volume button and then releasing in order to prevent inadvertent emergency calls - Fixes an issue in Freeform where some drawing strokes created with Apple Pencil or your finger may not appear on shared boards - Addresses an issue where the wallpaper may appear black on the Lock Screen - Fixes an issue where horizontal lines may temporarily appear while waking up iPhone 14 Pro Max - Fixes an issue where the Home Lock Screen widget does not accurately display Home app status - Addresses an issue where Siri may not respond properly to music requests - Resolves issues where Siri requests in CarPlay may not be understood correctly

iOS 16.3 can be installed in the Settings app under General → Software Update.

Get weekly top MacRumors stories in your inbox.

Popular Stories

iPhone 16 Pro Expected Later This Year With These 12 New Features

Alleged iOS 18 Design Resource Reveals visionOS-Like Redesign [Updated]

Apple Card Savings Account to Receive First-Ever Interest Rate Decrease

What to Expect From iOS 17.5

Apple Says iPhone 6 Plus Now 'Obsolete' and iPad Mini 4 Now 'Vintage'

Apple Exploring 'Mobile Robot' That 'Follows Users Around Their Homes'

Best Buy Introduces All-Time Low Prices on Apple's M3 MacBook Pro for Members

Apple Researchers Reveal New AI System That Can Beat GPT-4

Next article.

Our comprehensive guide highlighting every major new addition in iOS 17, plus how-tos that walk you through using the new features.

App Store changes for the EU, new emoji, Podcasts transcripts, and more.

Get the most out your iPhone 15 with our complete guide to all the new features.

A deep dive into new features in macOS Sonoma, big and small.

Revamped models with OLED displays, M3 chip, and redesigned Magic Keyboard accessory.

Updated 10.9-inch model and new 12.9-inch model, M2 chip expected.

Apple's annual Worldwide Developers Conference will kick off with a keynote on June 10.

Expected to see new AI-focused features and more. Preview coming at WWDC in June with public release in September.

Other Stories

2 days ago by MacRumors Staff

6 days ago by Tim Hardwick

6 days ago by Juli Clover

An official website of the United States government

Here’s how you know

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

#protect2024 Secure Our World Shields Up Report A Cyber Issue

Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094 . XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems. 

CISA recommends developers and users to downgrade XZ Utils to an uncompromised version—such as XZ Utils 5.4.6 Stable—hunt for any malicious activity and report any positive findings to CISA. 

See the following advisory for more information: 

• Red Hat: Urgent security alert for Fedora 41 and Rawhide users 

This product is provided subject to this  Notification  and this  Privacy & Use  policy.

Please share your thoughts

We recently updated our anonymous product survey ; we’d welcome your feedback.

Related Advisories

Cisa releases one industrial control systems advisory, cisa publishes new webpage dedicated to providing resources for high-risk communities, cisco releases security updates for multiple products, apple released security updates for safari and macos.