5 major security issues with iOS 17.2 and macOS Sonoma

Updated December 13, 2023: Alongside macOS Sonoma 14.2, Apple also released macOS Ventura 13.6.3 and macOS Monterey 12.7.2 to improve the security of computers that do not support macOS 14 (source).

Last night,Apple rolled out iOS 17.2 for everyone. On the menu, many security vulnerabilities have been filled for the occasion. Apple fortunately explains that it does not appear that hackers had time to take advantage of it, at least before the deployment of these patches.

Among the dangers, we can notably cite the case of a problem with the Locate app, which as its name suggests provides device geolocation information to users. The platform makes it possible to find a lost iPhone or Mac, provided that the device in question can communicate wirelessly with the rest of the Apple ecosystem (in particular via Bluetooth). The problem is that before the release of iOS 17.2, a third-party app risked being able toaccess GPS datacorresponding. But now it's ancient history.

With this, it is Siri who benefits from a significant improvement preventing potential hackers from being able to access its relatively sensitive user data. We don't know if these are specifically audio recordings, however, but the voice assistant's ability to store its information locally won't have helped much here. Indeed, to take advantage of the breach, you simply had to have physical access to the cell phone.

Finally, the update to iOS 17.2 explains that with certain iPhone and iPad models, a new patch now blocks theunauthorized access to private browsing tabsfrom Safari. Among the models affected by this incident, we find in particular the second generation 12.9-inch iPad Pro and subsequent versions or even mobiles released from the iPhone XS (included). Including the iPhone 14 and the iPhone 15, therefore.

Around twenty security fixes for macOS Sonoma 14.2

At the same time, Apple also rolled out macOS Sonoma 14.2 for Mac users. Within this update, we find a patch preventingattacks via Bluetoothcan take control of the operating system by usurping the keyboard's capabilities.

On the web side, the Apple firm specifies that the WebKit rendering engine (which notably powers Safari) could until now let certain malicious Internet users execute code arbitrarily: with version 14.2, this is no longer possible.

Installation is required!

With iOS 17.2 and macOS Sonoma 14.2, Apple also released iPadOS 17.2, watchOS 10.2 and tvOS 17.2 for Apple TVs last night.

It is already recommended to install the corresponding updates, to ensure maximum cybersecurity for your devices. And this particularly for risk profiles, such as users with a certain notoriety, whistleblowers or even employees of institutional and official organizations.

For the latter, in France, the government also advises using the appForgot– instead of WhatsApp or Telegram – to create conversations with your contacts.