Apple has now released iOS 15.2.1 and iPadOS 15.2.1 for all users worldwide, fixing bugs in CarPlay and Messages. A vulnerability in HomeKit has also been closed.
In addition to important bug fixes, the update also released a particularly important security update that fixes a HomeKit vulnerability that could cause your iPhone or iPad to crash repeatedly. This bug was first reported by security researcher Trevor Spiniolas, who explained in a blog post that the problems are caused by changing the name of a HomeKit device to something around 500,000 characters long. The result basically depends on whether or not users have HomeKit devices enabled in Control Center. In an update posted today on the Apple Support website published Apple states that it has patched this vulnerability with the release of iOS 15.2.1 and iPadOS 15.2.1.
iOS 15.2.1 fixes two bugs and closes a vulnerability
Apple says this bug meant that processing a maliciously crafted HomeKit accessory name could cause a denial of service. But Apple has now fixed the problem by addressing a "resource exhaustion issue" with improved input validation. According to Apple, this is the only security fix in iOS 15.2.1 and iPadOS 15.2.1. However, the updates also include two important bug fixes:
- Messages may not load photos sent via an iCloud link.
- Third-party CarPlay apps may not respond to inputs.
You can update your iPhone to iOS 15.2.1 by going to the Settings app, then General and then Software Update. (Photo by hadrian / Bigstockphoto)
