Apple released a whole series of software updates for its devices on Tuesday evening, including iOS 16.2 and iPadOS 16.2. In addition to new features, today's updates also contain several security patches - iOS 15.7.2 was also made available.
For iOS 16.2 alone, Apple lists dozens of security vulnerabilities that were fixed with the update. These include patches in areas such as accounts, AppleAVD, GPU drivers, ImageIO, iTunes Store, and WebKit. One of these vulnerabilities, for example, allowed a malicious video file to execute kernel code without the user's permission. Another exploit allowed apps to bypass privacy settings.
iOS 16.2 & iOS 15.7.2: Apple fixes a dozen security vulnerabilities
In WebKit alone, the engine for Safari and all other web browsers on iOS, Apple found and closed seven security vulnerabilities with iOS 16.2. One of these security vulnerabilities also led to the execution of arbitrary code:
WebKit
- Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5.
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
- Description: A memory corruption issue was fixed with improved input validation.
These patches are also available for Mac users running macOS Ventura 13.1, Apple TV users running tvOS 16.2, and Apple Watch users running watchOS 9.2. It's worth noting that Apple also released iOS 15.7.2, macOS Monterey 12.6.2, and macOS Big Sur 11.7.2 with the same patches for those who haven't or can't update their devices to the latest versions of the operating systems.
updates for security measures
iOS 16.2 also includes Rapid Security Response updates, which provide quick security patches to iOS without the need to install a completely new version of the operating system. Apple can now quickly fix security vulnerabilities without having to release a new version of iOS. Regarding iOS 15, it is worth noting that Apple is giving all users the option to stay on iOS 15.7 and continue to receive security patches, rather than forcing them to update to iOS 16. However, it is unclear whether the company plans to maintain support for iOS 15 for much longer. For more information about iOS security patches and other software updates, visit the Apple website. (Photo by Mehaniq / Bigstockphoto)
