Apple has revealed that the iOS 16.3.1 and iPadOS 16.3.1 updates address a security issue that could lead to a “maliciously crafted certificate.”
According to Apple’s website, the issue could contribute to a denial-of-service attack leading to hackers inundating a device or its network with traffic, leading to a crash. “A denial-of-service issue was addressed with improved input validation,” Apple says of the update.
This applies to all models of the iPad Pro, iPad Air 3rd-Gen and later, iPad 5th-Gen and later, iPad mini 5t-Gen and later, and the iPhone 8 and later.
The updates also address two other security patches. The first is an app’s ability to carry out code with “kernel privileges.” The second relates to hackers controlling code by accessing malicious web content. “Apple is aware of a report that this issue may have been actively exploited,” the company says on the latter security patch.