With so many issues concerning the latest iPhone update, we’ve been hoping that an update to iOS 16.4 would arrive sooner than later. It’s here now, and if you’ve got an iPhone running iOS 16.4 or earlier, you should open Settings, tap General, then Software Update, and grab iOS 16.4.1.

This small point release likely includes several underlying fixes. Over the past week, we’ve written about issues with Weather and Universal Control, but neither is explicitly mentioned in the release notes. The known issues iOS 16.4.1 fixes are a Siri flaw where it might not respond sometimes, and a skin tone issue with a single emoji, but the real reason you want it is that it patches two security flaws that may have already been exploited.

iOS 16.4.1 release notes

The official Apple release notes are very brief, merely stating that the update provides important bug fixes and security updates for your iPhone including:

Pushing hands emoji does not show skin tone variations

Siri does not respond in some cases

Skin tones on a single emoji don’t seem like a reason to rush out a .x.1 update, and the Siri problem wasn’t widespread enough to warrant a rush Friday release either. But the security fixes are critical.

There are two security updates in iOS 16.4.1, both of which allow for arbitrary code execution and may have been actively exploited already. That means it’s critical to get the update right away because hackers are already using these flaws to attack machines.

IOSurfaceAccelerator

Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved input validation.

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management.

Whenever you see “arbitrary code” and “actively exploited” you know it’s time to update your device.

How to get iOS 16.4.1