Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


Sports and Bugs in tvOS 16.5, macOS 13.4 Ventura, iOS 16.5, iPadOS 16.5, watchOS
                         9.5, and HomePod Software 16.5

   Adam Engst

   Baseball and soccer fans, take note! In the just-released [1]tvOS 16.5,
   Apple has added [2]multiview for the Apple TV 4K, allowing fans to
   watch up to four simultaneous streams, including Major League Soccer
   matches, 'Friday Night Baseball' games, and select MLS and MLB studio
   shows. Apple says:

     With this entirely customizable new multiview experience in the
     Apple TV app on Apple TV 4K, users can see the available live games
     displayed at the bottom of their screen, choose the ones they want
     to watch, and toggle between multiple layout options. Fans can also
     choose to display one match more prominently, or watch two to four
     matches in a split-screen view. Users can also control audio
     preferences, including the home radio feed for MLS Season Pass, and
     home and away radio for 'Friday Night Baseball.' If a user wants to
     stop watching in multiview, they can quickly switch to full screen
     with one click.

   There's more for those who follow sports. With macOS 13.4 Ventura, iOS
   16.5, and iPadOS 16.5, Apple News now offers a dedicated Sports section
   to provide easy access to stories, scores, standings, and more. It
   claims to be specific to the teams and leagues you follow, but when I
   told it that I was only interested in running, it still insisted on
   showing me Top Stories about other sports. The pop-up menu in the
   upper-right corner lets you switch to a sport-specific view. Also, My
   Sports score and schedule cards in Apple News take you directly to game
   pages where you can find additional details about specific games.

   I'll continue pining quietly for coverage of [3]Diamond League track
   meets and other [4]exciting running events while looking at the
   remaining updates in this batch of Apple operating system releases.

macOS 13.4 Ventura

   On the Mac side, [5]macOS 13.4 fixes a bug that caused Screen Time
   settings to reset or fail to sync across devices, resolves a situation
   where Auto Unlock with Apple Watch fails to log you into your Mac,
   addresses an issue that caused Bluetooth keyboards to connect to the
   Mac slowly after restarting, and fixes a VoiceOver problem with
   navigating to landmarks on Web pages.

   I haven't experienced the Auto Unlock with Apple Watch problems, but
   I've become utterly addicted to the feature and evangelize it whenever
   possible, so it's good to hear that Apple is addressing problems there.

iOS 16.5 and iPadOS 16.5

   [6]iOS 16.5 and [7]iPadOS 16.5 both address an issue where Spotlight
   may become unresponsive and participate in the Screen Time fix. (Apple
   hasn't yet updated the release note pages for these two or watchOS.)

   iOS 16.5 also includes a new Pride Celebration wallpaper for the Lock
   Screen and jumpstarts Podcasts in CarPlay to ensure that it loads
   content.

watchOS 9.5

   Apple's release notes for [8]watchOS 9.5 are unsatisfying. Although
   they claim that 'watchOS 9.5 includes new features, improvements, and
   bug fixes,' the only thing Apple describes is a new Pride Celebration
   watch face. If you love it, there's a matching [9]Pride Edition Sport
   Band.

HomePod Software 16.5

   Even more terse are the release notes for [10]HomePod Software 16.5,
   which fall back on 'This update includes performance and stability
   improvements.' And electrons. So many electrons.

Security Notes Explain Rapid Security Response Changes

   Each of the operating system updates comes with a slew of fixes for
   security vulnerabilities:
     * tvOS 16.5: [11]28 vulnerabilities
     * iOS 16.5 and iPadOS 16.5: [12]39 vulnerabilities
     * macOS 13.4: [13]49 vulnerabilities
     * watchOS 9.5: [14]32 vulnerabilities

   Most notable among the security notes are descriptions of three WebKit
   vulnerabilities that Apple says are being actively exploited, two of
   which were addressed by the first Rapid Security Response updates (see
   '[15]What Are Rapid Security Responses and Why Are They Important?' 2
   May 2023). One was the usual 'Processing maliciously crafted web
   content may lead to arbitrary code execution,' but the other was a more
   interesting 'Processing web content may disclose sensitive
   information.' Both were credited to an anonymous researcher, but don't
   you want to know the story behind them? Maybe Apple does too.

   So now we know why Apple didn't publish any release notes for the Rapid
   Security Responses. The vulnerabilities addressed also existed in tvOS
   16, watchOS 9.5, and the older iOS 15 and iPadOS 15 (see '[16]iOS
   15.7.6 and iPadOS 15.7.6 Incorporate Rapid Security Response Fixes,' 18
   May 2023). Apple never discusses security vulnerabilities until all the
   affected operating systems have received updates.

   Remember how I timed the installation of the Rapid Security Responses
   to see how much downtime they would entail? My M1 MacBook Air and
   iPhone 14 Pro both took about 4 minutes before they were usable again.
   In contrast, installing the 1.59 GB macOS 13.4 update on the MacBook
   Air took 20 minutes, and updating the iPhone 14 Pro to iOS 16.5 took 29
   minutes. I lost track of how long my 10.5-inch iPad Pro took and
   couldn't spare the time away from writing to update my 27-inch iMac
   just yet. I remain a fan of Rapid Security Responses and encourage you
   to install any future ones immediately.

   Since only two of the three zero-day WebKit vulnerabilities were
   addressed by the Rapid Security Responses, I encourage you to install
   all of these updates soon. The impact of the third WebKit vulnerability
   is 'A remote attacker may be able to break out of Web Content sandbox.'
   That sounds bad, and the fact that one of the security researchers
   reporting it works for Amnesty International's Security Lab suggests
   that it may be exploited by the likes of the [17]Pegasus spyware.

References

   Visible links
   1. https://support.apple.com/en-us/HT207936
   2. https://nr.apple.com/DH0h0C8nK2
   3. https://www.diamondleague.com/home/
   4. https://www.nightofthe10kpbs.com/
   5. https://support.apple.com/en-us/HT213268
   6. https://support.apple.com/en-us/HT213407
   7. https://support.apple.com/en-us/HT213408
   8. https://support.apple.com/en-us/HT213436
   9. https://www.apple.com/newsroom/2023/05/apple-watch-pride-edition-celebrates-the-lgbtq-community/
  10. https://support.apple.com/en-us/HT208714
  11. https://support.apple.com/en-us/HT213761
  12. https://support.apple.com/en-us/HT213757
  13. https://support.apple.com/en-us/HT213758
  14. https://support.apple.com/en-us/HT213764
  15. https://tidbits.com/2023/05/02/what-are-rapid-security-responses-and-why-are-they-important/
  16. https://tidbits.com/2023/05/18/ios-15-7-5-and-ipados-15-7-5-address-serious-security-vulnerabilities-2/
  17. https://en.wikipedia.org/wiki/Pegasus_(spyware)

   Hidden links:
  18. https://tidbits.com/wp/../uploads/2023/05/Apple-TV-MLS-multiview.jpg
  19. https://tidbits.com/wp/../uploads/2023/05/Apple-News-Sports.jpg
  20. https://tidbits.com/wp/../uploads/2023/05/Apple-Watch-Pride-Edition-Celebration-wallpaper.jpg