iOS 15.6.1 Fixes Two Security Vulnerabilities Exploited by Hackers

Deepak Gupta August 17, 2022
Updated 2022/08/17 at 7:55 PM

Apple recently released iOS 15.6.1 for iPhone and iPad users. The initial release notes didn’t specify exactly what had changed, other than Apple saying the update “provides important security updates and is recommended for all users”.

Apple has now updated its website of security updates with the full details of what has been fixed.

iOS 15.6.1 security fixes

According to Apple, iOS 15.6.1 fixes two major vulnerabilities that were both exploited "in the hacker world". These vulnerabilities impacted all iPhone and iPad models capable of running iOS 15.

The first vulnerability could have allowed an application to execute arbitrary code with kernel privileges. The second vulnerability was in WebKit, the browser engine that powers Safari and all third-party browsers on iOS.

For this vulnerability, Apple says that "the processing of maliciously crafted web content may lead to arbitrary code execution".

Image Apple Updates page with description of vulnerabilities fixed with iOS 15.6.1

Full details according to Apple:

kernel

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds writing issue has been addressed with improved bounds checking.

CVE-2022-32894: an anonymous researcher.

Web Kit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously created content on the web can lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds writing issue has been addressed with improved bounds checking.

Update for iOS 15.6.1

With two major security fixes, it is highly recommended that all iPhone users immediately update to iOS 15.6.1 and that all iPad users update to iPadOS 15.6.1 version.

To do so, users can go to Definitions > General and Software update.

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,'script','https://connect.facebook.net/en_US/fbevents.js');
fbq('init', '1664527397186427'); // Insert your pixel ID here.
fbq('track', 'PageView');
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/pt_PT/sdk.js#xfbml=1&version=v2.3&appId=122308327859118";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));

Share this Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *