Apple has released fixes and updates for multiple products including iOS, macOS, Safari, iPadOS, tvOS, and watchOS. This is to address an actively exploited zero-day in the WebKit browser engine plus a few other things. It is advised to update ASAP as Apple reports this as being actively exploited.
Read more in:
https://support.apple.com/en-us/HT213635: About the security content of iOS 16.3.1 and iPadOS 16.3.1
https://support.apple.com/en-us/HT213633 : About the security content of macOS Ventura 13.2.1
https://support.apple.com/en-us/HT213638 : About the security content of Safari 16.3.1
——-
New tools/resources have been seen online providing access to account breach data that matches account names, email addresses, and passwords. This is an excellent time to remind everyone of the dangers of password reuse. You should not use the same password at more than one site/app. And if you have been using the same or similar passwords for multiple years, it’s time to change them. And please do not use small changes for new passwords such as changing from Molly1994 to Molly1995. You should change at least 4 characters when changing passwords, and consider moving to punctuated passphrases with a mix of character types. An example of a good pass-phrase/password is “please bUy 3 Pizzas&Pepsi?” or “#3 blind RATs can’t see!” and they are easy to remember.
——-
Also, be sure you keep your home network devices up to date. Now is a good time to inventory your devices including routers, Access points, printers, TVs, streaming devices, etc, and make sure they are running the latest firmware, and that OS’s and applications are up to date. Remember that Windows 10 versions are only supported for 18 months, so check that you are running version 21H2 or later. You can run the winver app to see the version. Windows versions 7 and 8/8.1 are also out of support as of last month and no longer receiving updates leaving devices vulnerable.
Regards,
Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc
501-801-6706
