Just four days after the initial launch of iOS 17, Apple has rolled out iOS 17.0.1 and iPadOS 17.0.1 to fix bugs and address critical security vulnerabilities in iPhones and iPads. The updates, released on September 22, 2023, come alongside watchOS 10.0.1 for Apple Watch models.
According to Apple’s support document, iOS 17.0.1 and iPadOS 17.0.1 patch three serious issues in the kernel, security, and WebKit components that could allow potential attackers to bypass security protections and execute arbitrary code on affected devices.
The most severe of these is a kernel vulnerability tracked as CVE-2023-41992 that could enable a local user to elevate privileges. Another issue in iOS and iPadOS security (CVE-2023-41991) could lead to an app bypassing signature validation to exploit elevated privileges. The WebKit flaw (CVE-2023-41993) could let malicious web content execute arbitrary code on the device.
These vulnerabilities were reported to Apple by security researchers at The Citizen Lab and Google’s Threat Analysis Group. The Citizen Lab recently exposed the use of the FORCEDENTRY zero-click exploit by NSO Group’s Pegasus spyware to hack into the iPhones of journalists and activists.
Apple has credited the researchers Bill Marczak (The Citizen Lab) and Maddie Stone (Google TAG) for their assistance in addressing these issues that could have been actively exploited on older iOS versions prior to iOS 16.7.2.
It is highly recommended that users upgrade to iOS 17.0.1 and iPadOS 17.0.1 promptly to ensure their iPhones and iPads are protected against potential targeted attacks leveraging these now-patched vulnerabilities.
The iOS 17.0.1 and iPadOS 17.0.1 updates are available for iPhone XS and later models, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later and iPad mini 5th generation and later.
Users can install the latest iOS and iPadOS updates by navigating to Settings > General > Software Update and tapping Download and Install. The watchOS 10.0.1 update for Apple Watch Series 3 and above can be installed via the Watch app on iPhone.