Apple Emergency Security Patch Contains a Bug of Its Own


Protect Your Access to the Internet

Apple has released a set of emergency patches to fix an exploitable flaw in its products, but in a bit of irony, the same patches contain their own software bug. 

On Monday, Apple released three patches after hackers were spotted exploiting a previously unknown flaw that affects iOS, iPadOS and Safari on macOS, along with macOS Ventura

The company learned of the threat from an anonymous security researcher. Although details remain thin, Apple says the flaw involves processing malicious web content, triggering the system to execute computer code. This likely means the hackers have been abusing the flaw through phishing messages or websites, which can be booby-trapped to load malware

The threat was serious enough to cause Apple to rush out a patch. However, users in MacRumors’ forums who loaded the patch immediately reported problems. When visiting sites such as Facebook, WhatsApp, or Zoom, Safari shows an error, mentioning “this browser is no longer supported.”

“Yup this breaks Facebook. Maybe that’s the security fix?” one user joked in response. 

In a support document posted on Tuesday, Cupertino confirmed the earlier patches can create problems for users. “Apple is aware of an issue where recent Rapid Security Responses might prevent some websites from displaying properly,” the company said. 

In response, Apple is preparing to release a new version of the patch, labeled the (b) series, which should arrive soon. For users who installed the original patches, dubbed the (a) series, the company has included instructions on how to remove them. 

Meanwhile, the new patches will arrive as Rapid Security Responses iOS 16.5.1 (b), iPadOS 16.5.1 (b), and macOS 13.4.1 (b).