Apple released iOS 15.6.1 to iPhone and iPad users this week. Apple saying the update “provides important security updates and is recommended for all users.” Apple has now updated its security updates webpage with the full details on what’s been patched. Head below for the details on what the issue was and how to update.
iOS 15.6.1 security fixes
According to Apple, iOS 15.6.1 fixes two major vulnerabilities that were both exploited in the wild. Both of these vulnerabilities impacted every iPhone and iPad model capable of running iOS 15.
The first vulnerability could have allowed an application to execute arbitrary code with kernel privileges. The second vulnerability was in WebKit, the browser engine that powers Safari and all third-party browsers on iOS. For this vulnerability, Apple says that “processing maliciously crafted web content may lead to arbitrary code execution.”
Here are the full details according to Apple:
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2022-32894: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
Update to iOS 15.6.1 now
With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1. You can do so by heading to the Settings app, choosing General, then choosing Software Update.
Author: Chance Miller
Source: 9TO5Google