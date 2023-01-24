対象機種はiOS 16およびiPadOS 16の対象機種である最新の「iPhone 14」シリーズや「iPad（第10世代）」、「12.9インチiPad Pro（第6世代）」、「11インチiPad Pro（第4世代）」を含むiPhone 8以降およびiPhone SE（第2世代）以降、iPad（第5世代以降）、iPad Air（第3世代以降）、iPad mini（第5世代以降）、iPad Pro（全モデル）の各製品にて無料で更新可能です。

変更点はHomePod（第2世代）に対応したり、緊急SOSで意図しない緊急通報を防ぐためにサイドボタンと上下どちらかの音量ボタンを長押ししてから放す操作が必要となるなどの機能が追加されたほか、ロック画面の壁紙が真っ黒になることがある問題などのさまざまな不具合の修正、各種のセキュリティーアップデートが実施されています。

なお、セキュリティーアップデートについては「CVE-2023-23499」や「CVE-2023-23519」、「CVE-2023-23500」、「CVE-2023-23502」、「CVE-2023-23504」、「CVE-2023-23498」、「CVE-2023-23503」、「CVE-2023-23512」、「CVE-2023-23505」、「CVE-2023-23511」、「CVE-2023-23496」などの13個のCVEに登録されている脆弱性に対処されていると案内されています。

その他、iOS 16およびiPadOS 16に対応しないiPhoneやiPad、iPod touch向け「iOS 15.7.3」および「iPadOS 15.7.3」のほか、パソコン「Mac」向け「macOS」の最新バージョン「macOS 13.2（22D49）」、スマートウォッチ「Apple Wach」向け「watchOS」の最新バージョン「watchOS 9.3（20S648）」なども提供開始されています。

その後、フリーボードAppなどの新機能が追加されたiOS 16.2およびiPadOS 16.2が提供されていましたが、今回、さらにHomePod（第2世代）に対応したり、緊急SOSで意図しない緊急通報を防ぐためにサイドボタンと上下どちらかの音量ボタンを長押ししてから放す操作が必要となるなどの機能が追加されたiOS 16.3およびiPadOS 16.3が配信開始されました。

更新は従来通り各製品本体のみでOTA（On-The-Air）によりダウンロードで行え、方法としては、「設定」→「一般」→「ソフトウェア・アップデート」から行えます。またiTunesをインストールしたWindowsおよびMacとUSB-Lightningケーブルで接続しても実施できます。iOS 16およびiPadOS 16の対象機種は以下の通り。

＜iOS 16対応製品＞

・iPhone 14

・iPhone 14 Plus

・iPhone 14 Pro

・iPhone 14 Pro Max

・iPhone 13

・iPhone 13 mini

・iPhone 13 Pro

・iPhone 13 Pro Max

・iPhone 12

・iPhone 12 mini

・iPhone 12 Pro

・iPhone 12 Pro Max

・iPhone 11

・iPhone 11 Pro

・iPhone 11 Pro Max

・iPhone XS

・iPhone XS Max

・iPhone XR

・iPhone X

・iPhone 8

・iPhone 8 Plus

・iPhone SE（第2世代）

・iPhone SE（第3世代）

＜iPadOS 16対応製品＞

・12.9インチiPad Pro（第6世代）

・12.9インチiPad Pro（第5世代）

・12.9インチiPad Pro（第4世代）

・12.9インチiPad Pro（第3世代）

・12.9インチiPad Pro（第2世代）

・12.9インチiPad Pro（第1世代）

・11インチiPad Pro（第4世代）

・11インチiPad Pro（第3世代）

・11インチiPad Pro（第2世代）

・11インチiPad Pro（第1世代）

・10.5インチiPad Pro

・9.7インチiPad Pro

・iPad Air（第5世代）

・iPad Air（第4世代）

・iPad Air（第3世代）

・iPad mini（第6世代）

・iPad mini（第5世代）

・iPad（第10世代）

・iPad（第9世代）

・iPad（第8世代）

・iPad（第7世代）

・iPad（第6世代）

・iPad（第5世代）

なお、単体でアップデートする場合のダウンロードサイズは手持ちのiPhone 13 Pro MaxでiOS 16.2からだと642.2MBとなっています。Appleが案内しているアップデートの内容およびセキュリティーコンテンツの修正は以下の通り。

- AppleMobileFileIntegrity

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access user-sensitive data

Description: This issue was addressed by enabling hardened runtime.

CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing (wojciechregula.blog)

- ImageIO

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: Processing an image may lead to a denial-of-service

Description: A memory corruption issue was addressed with improved state management.

CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)

- Kernel

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to leak sensitive kernel state

Description: The issue was addressed with improved memory handling.

CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)

- Kernel

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to determine kernel memory layout

Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)

- Kernel

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-23504: Adam Doupe of ASU SEFCOM

- Mail Drafts

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account

Description: A logic issue was addressed with improved state management.

CVE-2023-23498: an anonymous researcher

- Maps

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2023-23503: an anonymous researcher

- Safari

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: Visiting a website may lead to an app denial-of-service

Description: The issue was addressed with improved handling of caches.

CVE-2023-23512: Adriatik Raci

- Screen Time

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access information about a user’s contacts

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)

- Weather

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to bypass Privacy preferences

Description: The issue was addressed with improved memory handling.

CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher

- WebKit

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: The issue was addressed with improved checks.

WebKit Bugzilla: 245464 CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming Wang, JiKai Ren and Hang Shu of Institute of Computing Technology, Chinese Academy of Sciences

- WebKit

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 248268 CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE

WebKit Bugzilla: 248268 CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE

Additional recognition

- Kernel

We would like to acknowledge Nick Stenning of Replicate for their assistance.

- Shortcuts

We would like to acknowledge Baibhav Anand Jha from ReconWithMe and Cristian Dinca of Tudor Vianu National High School of Computer Science, Romania for their assistance.

- WebKit

We would like to acknowledge Eliya Stein of Confiant for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.