Skip to main content

iOS 16.6.1 patches security vulnerabilities in Wallet and more

After releasing iOS 16.6.1 for iPhone users this afternoon, Apple has also now published full details on the security fixes induced in the update. Apple says that iOS 16.1.1 patches two key security vulnerabilities, both of which “may have been actively exploited.”

The first fix in iOS 16.6.1 relates to Image I/O, which is Apple’s framework that allows apps to read and write most image file formats and access an image’s metadata. Apple shared the following details on this vulnerability and the fix:

  • Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: A buffer overflow issue was addressed with improved memory handling.
  • CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School

The second vulnerability patched in iOS 16.6.1 affected the Apple Wallet app:

  • Impact: A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: A validation issue was addressed with improved logic.
  • CVE-2023-41061: Apple

The Image I/O bug was also patched with today’s release of macOS Ventura 13.5.2, but macOS was unaffected by the Wallet vulnerability. For Apple Watch users, watchOS 9.6.2 addresses the Apple Wallet bug, but the platform was unaffected by the Image I/O bug.

With these important security fixes, we recommend updating your iPhone, iPad, Mac, and Apple Watch devices to the latest versions of their operating systems as soon as possible.


Join 9to5Mac in supporting St. Jude this September for Childhood Cancer Awareness Month.

Follow ChanceThreadsTwitterInstagram, and Mastodon

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications