iOS 16.2 update fixes critical zero-day flaw used to hack iPads, iPhones

Apple has released a patch to fix a zero-day flaw in a core module of Apple software. The flaw, which is pertaining to Apple’s WebKit browsing engine used in Safari (among other apps), could be used by hackers to inject tools that can spy on users, or steal data from their device.

The flaw has been patched as part of the iOS 16.2 update, which makes the update crucial for users to download and apply at the earliest. Given that the flaw is reportedly being exploited actively by cyber attackers around the world, Apple has not disclosed the exact way in which the exploits are being done.

Zero-day flaws, which refer to exploits that have not been reported, spotted or patched before, are often used stealthily by hackers around the world, before a company discovers and patches it. These flaws allow hackers to exploit users and steal data actively without being discovered, and are among the most valuable cyber exploits.

The issue, patched now by Apple, could allow hackers to tap into any app that uses the WebKit engine to steal info from users, or even trace them. The flaw was discovered by Google’s cyber security analysis and reporting arm, the Threat Analysis Group (TAG), which informed Apple about the same.

iOS 16.2 also brings with it the much-awaited update to enable 5G connectivity in iPhones in India. With this update, Apple’s devices are now compatible with 5G offerings from Reliance Jio and Bharti Airtel in India, in the select circles where connectivity has already been rolled out.