Apple iOS 16.3.1 Release: Should You Upgrade?
Apple iOS 16.3.1 and iPadOS 16.3.1 have been released, and they bring important fixes and critical security updates. Here’s everything you need to know.
Tip: bookmark this page because I will keep it up-to-date if/when new problems are found. I will deliver my final verdict in a week.
Who Is It For?
Apple iOS 16.3.1 is available for all iOS 16-compatible devices, which means the iPhone 8/iPhone X and newer. iOS 16 dropped support for the iPhone 6S and 7 ranges as well as the iPod Touch. Given the importance of the security updates in iOS 16.3.1, I would also expect to see iOS 15.7.4 in the coming weeks, if older devices are vulnerable.
Apple confirmed auto-update delays last year, so keen upgraders can trigger the update manually by navigating to Settings > General > Software Update. If you are running newer beta software (see ‘The Road Ahead’ section at the end), you must unenroll your device before the update will appear.
Note: this guide is not focused on older iOS updates, iPadOS or macOS, but I will touch upon pertinent issues in these guides.
The Deal Breakers
The big news is iOS 16.3.1 initially caused Google Photos to crash on iPads and iPhones, but this has now been fixed after Google released an update for the app. Aside from that, no widely reported problems have been reported in the first 24 hours.
That said, I am seeing isolated reports of bugs in a number of areas, including print errors in Pages, app crashes, a battery-level reporting bug and issues connecting to WiFi. There are also several reports of upgraded devices experiencing degraded cellular signal (1,2,3,4), though not enough to raise alarm bells at this stage.
So What Do You Get?
Apple’s iOS 16.3.1 release notes list the following fixes:
– iCloud settings may be unresponsive or incorrectly display if apps are using iCloud
– Siri requests for Find My may not work
– Crash Detection optimizations on iPhone 14 and iPhone 14 Pro models
The headline fixes here are for iCloud and Crash Detection. The former caused iCloud to stop syncing, putting user data at risk. The latter is Apple’s latest attempt to refine its Crash Detection algorithm after the feature hit the news again this month for sending numerous false alerts to emergency responders.
iOS 16.3.1 Security
Apple’s iOS 16.3.1 security page discloses that the update contains just two security patches:
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
CVE-2023-23514: Xinru Chi of Pangu Lab, Ned Williamson of Google Project Zero
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 251944
CVE-2023-23529: an anonymous researcher
Of these, CVE-2023-23529 is the chief threat. The vulnerability impacted Webkit (the engine behind all iOS web browsers, including Safari), potentially allowing hackers to execute code on your iPhone or iPad.
Apple also confirmed it: “is aware of a report that this issue may have been actively exploited.” This makes it a zero-day vulnerability because it means hackers were able to start exploiting it before Apple could release a fix.
Apple iOS 16.3.1 Verdict: Upgrade
Given the importance of the CVE-2023-23529 security fix in iOS 16.3.1 / iPadOS 16.3.1, I recommend all iPhone and iPad users upgrade. Yes, there are isolated reports of bugs in the release (notably signal strength complaints), but the security of your device comes first.
If you are a cautious iPhone or iPad owner and still prefer to wait, I will deliver my final verdict in a week. So bookmark this page.
The Road Ahead
Expect the first beta of iOS 16.4 to be released either this week or early next. Rumors are that the update will include revamped HomeKit architecture initially released in iOS 16.2, then quickly pulled due to bugs and installation issues. You can join the Apple Beta Software Program if you want to try iOS beta releases, but know they will be buggy.
I also expect iOS 16.3.2, a dedicated bug fix, to arrive before iOS 16.4 as Apple continues to polish the core OS. Something that has been a work in progress ever since its buggy debut.
Follow Gordon on Facebook