Apple has released iOS 16.4.1, iPadOS 16.4.1 and macOS 13.3.1 for iPhone, iPad and Mac respectively. And recommends installing them as soon as possible, since they all include important security fixes.
The new software fixes two vulnerabilities with which attackers can gain access to user data. The company noted that they are already being actively exploited. This is the reason for the unexpected release of the update.
One of the gaps is found in the IOSurfaceAccelerator system and allows third-party applications to execute arbitrary code with kernel privileges. That is, any developer through programs from the App Store can take advantage of this vulnerability and perform almost any actions on someone else's iPhone.
The second error was found in WebKit. In this case, attackers can use the browser on the user's device.
The Cupertino company has also released a new Safari 16.4.1 update for macOS Monterey and macOS Big Sur, which probably fixes the WebKit vulnerability.