AppleがiPhoneなど向けiOS 16.4とiPadOS 16.4をリリース!


Appleは27日(現地時間)、同社が販売するスマートフォン(スマホ)「iPhone」シリーズ向けプラットフォーム「iOS」とタブレット「iPad」シリーズ向けプラットフォーム「iPadOS」の最新バージョン「iOS 16.4(20E247)」および「iPadOS 16.4(20E247)」を提供開始したとお知らせしています。

対象機種はiOS 16およびiPadOS 16の対象機種である最新の「iPhone 14」シリーズや「iPad(第10世代)」、「12.9インチiPad Pro(第6世代)」、「11インチiPad Pro(第4世代)」を含むiPhone 8以降およびiPhone SE(第2世代)以降、iPad(第5世代以降)、iPad Air(第3世代以降)、iPad mini(第5世代以降)、iPad Pro(全モデル)の各製品にて無料で更新可能です。

変更点は携帯電話回線による通話において周囲のノイズを遮断することによって“声を分離”して自分の声を優先して相手にはっきりと聞こえるようにする機能が追加されるほか、VoiceOverが天気Appの地図に対応したり、子供がヌードを含む写真を送受信したときに警告する機能を親や保護者が設定可能になるなどの新機能が追加されています。

またiPhone 14 ProおよびiPhone 14 Pro Maxにおける衝突事故検出の最適化に加え、子供からの承認と購入のリクエストが親・保護者の製品に表示されないことがある問題を修正、Matterと互換性のあるサーモスタットをApple Homeとペアリングしたときにサーモスタットが反応しなくなる可能性がある問題などのさまざまな不具合の修正、各種のセキュリティーアップデートが実施されています。

なお、セキュリティーアップデートについては「CVE-2023-27969」や「CVE-2023-27933」、「CVE-2023-27932」、「CVE-2023-27954」、「CVE-2023-23541」、「CVE-2023-23540」、「CVE-2023-27959」、「CVE-2023-27970」、「CVE-2023-23532」、「CVE-2023-23527」、「CVE-2023-27931」などの33個のCVEに登録されている脆弱性に対処されていると案内されています。

その他、iOS 16およびiPadOS 16に対応しないiPhoneやiPad、iPod touch向け「iOS 15.7.4」および「iPadOS 15.7.4」のほか、パソコン「Mac」向け「macOS」の最新バージョン「macOS 13.3(22E252)」やスマートウォッチ「Apple Wach」向け「watchOS」の最新バージョン「watchOS 9.5(20T253)」、セットトップボックス(STB)「Apple TV」向け「tvOS」の最新バージョン「tvOS 16.4(20L297)」なども提供開始されています。

iPhone向けのiOSの最新メジャーバージョンとして今年9月に提供開始されたiOS 16、iPad向けのiPadOSの最新メジャーバージョンとして今年10月に提供開始されたiPadOS 16ですが、その後にiPadOS 16.1のリリースに合わせてiOS 16.1が提供開始され、さらにフリーボードAppなどの新機能が追加されたiOS 16.2およびiPadOS 16.2、さらにHomePod(第2世代)に対応するなどのiOS 16.3およびiPadOS 16.3が提供されてきました。

その後、iOS 16.3およびiPadOS 16.3の不具合や脆弱性を修正するiOS 16.3.1やiPadOS 16.3.1が配信されていましたが、今回、新たに携帯電話回線による音声通話において周囲のノイズを低減して声を分離して相手に伝わりやすくする機能などの新機能が追加されたiOS 16.4およびiPadOS 16.4がリリースされました。iOS 16およびiPadOS 16の対象機種は以下の通り。

<iOS 16対応製品>
・iPhone 14
・iPhone 14 Plus
・iPhone 14 Pro
・iPhone 14 Pro Max
・iPhone 13
・iPhone 13 mini
・iPhone 13 Pro
・iPhone 13 Pro Max
・iPhone 12
・iPhone 12 mini
・iPhone 12 Pro
・iPhone 12 Pro Max
・iPhone 11
・iPhone 11 Pro
・iPhone 11 Pro Max
・iPhone XS
・iPhone XS Max
・iPhone XR
・iPhone X
・iPhone 8
・iPhone 8 Plus
・iPhone SE(第2世代)
・iPhone SE(第3世代)

<iPadOS 16対応製品>
・12.9インチiPad Pro(第6世代)
・12.9インチiPad Pro(第5世代)
・12.9インチiPad Pro(第4世代)
・12.9インチiPad Pro(第3世代)
・12.9インチiPad Pro(第2世代)
・12.9インチiPad Pro(第1世代)
・11インチiPad Pro(第4世代)
・11インチiPad Pro(第3世代)
・11インチiPad Pro(第2世代)
・11インチiPad Pro(第1世代)
・10.5インチiPad Pro
・9.7インチiPad Pro
・iPad Air(第5世代)
・iPad Air(第4世代)
・iPad Air(第3世代)
・iPad mini(第6世代)
・iPad mini(第5世代)
・iPad(第10世代)
・iPad(第9世代)
・iPad(第8世代)
・iPad(第7世代)
・iPad(第6世代)
・iPad(第5世代)

更新は従来通り各製品本体のみでOTA(On-The-Air)によりダウンロードで行え、方法としては、「設定」→「一般」→「ソフトウェア・アップデート」から行えます。またiTunesをインストールしたWindowsおよびMacとUSB-Lightningケーブルで接続しても実施できます。

なお、単体でアップデートする場合のダウンロードサイズは手持ちのiPhone 13 Pro MaxでiOS 16.3.1からだと1.91Bとなっています。Appleが案内しているアップデートの内容およびセキュリティーコンテンツの修正は以下の通り。

iOS 16.4
このアップデートには、以下の機能強化とバグ修正が含まれます:

・絵文字キーボードで、動物、手のジェスチャー、物などの21個の新しい絵文字を使用可能
・ホーム画面に追加したWeb Appの通知
・セルラー通話で“声を分離”を使用して、自分の声を優先し、周囲のノイズを遮断することが可能
・“写真”の“重複項目”アルバムで、iCloud共有写真ライブラリ内の重複する写真やビデオの検出にも対応
・VoiceOverが天気Appの地図に対応
・光の点滅やストロボ効果がビデオで検知された場合に、表示を自動的に暗くするアクセシビリティ設定を追加
・お子様用の“コミュニケーションの安全性”で、お子様がヌードを含む写真を送受信したときに警告する機能を親/保護者が設定可能
・お子様からの承認と購入のリクエストが親/保護者のデバイスに表示されないことがある問題を修正
・Matterと互換性のあるサーモスタットをApple Homeとペアリングしたときに、サーモスタットが反応しなくなる可能性がある問題に対応
・iPhone 14とiPhone 14 Proモデルでの衝突事故検出の最適化

一部の機能は、地域やAppleデバイスによっては使用できない場合があります。Appleソフトウェアアップデートのセキュリティコンテンツについては、次のWebサイトをご覧ください:
https://support.apple.com/ja-jp/HT201222

iPadOS 16.4
このアップデートには、以下の機能強化とバグ修正が含まれます:

・絵文字キーボードで、動物、手のジェスチャー、物などの21の新しい絵文字を使用可能
・11インチiPad Pro(第4世代)および12.9インチiPad Pro(第6世代)の“メモ”または対応しているAppで、書く前にあらゆる角度での筆跡をプレビューできるように、Apple Pencilのポイント機能に傾斜角と方位角の対応を追加
・ホーム画面に追加したWeb Appの通知
・“写真”の“重複項目”アルバムで、iCloud共有写真ライブラリ内の重複する写真やビデオの検出にも対応
・VoiceOverが天気Appの地図に対応
・光の点滅やストロボ効果がビデオで検知された場合に、表示を自動的に暗くするアクセシビリティ設定を追加
・お子様用の“コミュニケーションの安全性”で、お子様がヌードを含む写真を送受信したときに警告する機能を親/保護者が設定可能
・メモAppで描画中や手書き中に発生する可能性があるApple Pencilの反応に関する問題を修正
・お子様からの承認と購入のリクエストが親/保護者のデバイスに表示されないことがある問題を修正
・Matterと互換性のあるサーモスタットをApple Homeとペアリングしたときに、サーモスタットが反応しなくなる可能性がある問題に対応

一部の機能は、地域やAppleデバイスによっては使用できない場合があります。Appleソフトウェアアップデートのセキュリティコンテンツについては、次のWebサイトをご覧ください: https://support.apple.com/ja-jp/HT201222

iOS 16.4 and iPadOS 16.4
Released March 27, 2023

– Accessibility
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-23541: Csaba Fitzl (@theevilbit) of Offensive Security

– Apple Neural Engine
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23540: Mohamed GHANNAM (@_simo36)
CVE-2023-27959: Mohamed GHANNAM (@_simo36)

– Apple Neural Engine
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2023-27970: Mohamed GHANNAM

– Apple Neural Engine
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2023-23532: Mohamed Ghannam (@_simo36)

– AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2023-23527: Mickey Jin (@patch1t)

– AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
CVE-2023-27931: Mickey Jin (@patch1t)

– Calendar
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Importing a maliciously crafted calendar invitation may exfiltrate user information
Description: Multiple validation issues were addressed with improved input sanitization.
CVE-2023-27961: Rıza Sabuncu (@rizasabuncu)

– Camera
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A sandboxed app may be able to determine which app is currently using the camera
Description: The issue was addressed with additional restrictions on the observability of app states.
CVE-2023-23543: Yiğit Can YILMAZ (@yilmazcanyigit)

– CarPlay
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user in a privileged network position may be able to cause a denial-of-service
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2023-23494: Itay Iellin of General Motors Product Cyber Security

– ColorSync
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read arbitrary files
Description: The issue was addressed with improved checks.
CVE-2023-27955: JeongOhKyea

– Core Bluetooth
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2023-23528: Jianjun Dai and Guang Gong of 360 Vulnerability Research Institute

– CoreCapture
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-28181: Tingting Yin of Tsinghua University

– Find My
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-23537: an anonymous researcher

– FontParser
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-27956: Ye Zhang of Baidu Security

– Foundation
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed with improved input validation.
CVE-2023-27937: an anonymous researcher

– iCloud
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper
Description: This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder.
CVE-2023-23526: Jubaer Alnazi of TRS Group of Companies

– Identity Services
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2023-27928: Csaba Fitzl (@theevilbit) of Offensive Security

– ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23535: ryuzaki

– ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may result in disclosure of process memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2023-27929: Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz Innovation Lab and jzhu working with Trend Micro Zero Day Initiative

– Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
CVE-2023-27969: Adam Doupe of ASU SEFCOM

– Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-27933: sqrtpwn

– LaunchServices
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Files downloaded from the internet may not have the quarantine flag applied
Description: This issue was addressed with improved checks.
CVE-2023-27943: an anonymous researcher, Brandon Dalton, Milan Tenk, and Arthur Valiev

– LaunchServices
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to gain root privileges
Description: This issue was addressed with improved checks.
CVE-2023-23525: Mickey Jin (@patch1t)

– NetworkExtension
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device
Description: The issue was addressed with improved authentication.
CVE-2023-28182: Zhuowei Zhang

– Photos
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup
Description: A logic issue was addressed with improved restrictions.
CVE-2023-23523: developStorm

– Podcasts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
CVE-2023-27942: Mickey Jin (@patch1t)

– Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to unexpectedly create a bookmark on the Home Screen
Description: The issue was addressed with improved checks.
CVE-2023-28194: Anton Spivak

– Sandbox
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved validation.
CVE-2023-28178: Yiğit Can YILMAZ (@yilmazcanyigit)

– Shortcuts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: The issue was addressed with additional permissions checks.
CVE-2023-27963: Jubaer Alnazi Jabin of TRS Group Of Companies, and Wenchao Li and Xiaolong Bai of Alibaba Group

– TCC
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
CVE-2023-27931: Mickey Jin (@patch1t)

– WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may bypass Same Origin Policy
Description: This issue was addressed with improved state management.
WebKit Bugzilla: 248615
CVE-2023-27932: an anonymous researcher

– WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information.
WebKit Bugzilla: 250837
CVE-2023-27954: an anonymous researcher

Additional recognition
– Activation Lock
We would like to acknowledge Christian Mina for their assistance.

– CFNetwork
We would like to acknowledge an anonymous researcher for their assistance.

– CoreServices
We would like to acknowledge Mickey Jin (@patch1t) for their assistance.

– file_cmds
We would like to acknowledge Lukas Zronek for their assistance.

– Heimdal
We would like to acknowledge Evgeny Legerov of Intevydis for their assistance.

– ImageIO
We would like to acknowledge Meysam Firouzi @R00tkitSMM for their assistance.

– Mail
We would like to acknowledge Chen Zhang, Fabian Ising of FH Munster University of Applied Sciences, Damian Poddebniak of FH Munster University of Applied Sciences, Tobias Kappert of Munster University of Applied Sciences, Christoph Saatjohann of Munster University of Applied Sciences, Sebast, and Merlin Chlosta of CISPA Helmholtz Center for Information Security for their assistance.

– Safari Downloads
We would like to acknowledge Andrew Gonzalez for their assistance.

– Status Bar
We would like to acknowledge Nikita, jiaxu li for their assistance.

– Telephony
We would like to acknowledge CheolJun Park of KAIST SysSec Lab for their assistance.

– WebKit
We would like to acknowledge an anonymous researcher for their assistance.

– WebKit Web Inspector
We would like to acknowledge Dohyun Lee (@l33d0hyun) and crixer (@pwning_me) of SSD Labs for their assistance.

記事執筆:memn0ck

■関連リンク
・エスマックス(S-MAX)
・エスマックス(S-MAX) smaxjp on Twitter
・S-MAX – Facebookページ
・iOS 16 関連記事一覧 – S-MAX
・iPadOS 16 関連記事一覧 – S-MAX
・iOS 16 のアップデートについて – Apple サポート (日本)
・iPadOS 16 のアップデートについて – Apple サポート (日本)
・iOS 16.4 および iPadOS 16.4 のセキュリティコンテンツについて – Apple サポート (日本)
・Apple セキュリティアップデート – Apple サポート