iOS 15.6.1 fixes two security vulnerabilities that were actively exploited in the wild

iOS 15.6.1 fixes two security vulnerabilities that were actively exploited in the wild

Apple released iOS 15.6.1 to iPhone and iPad users this afternoon. The initial release notes did not specify what exactly had changed, other than Apple saying the update “provides important security updates and is recommended for all users.”

Apple has now updated its security updates webpage with the full details on what’s been patched.

iOS 15.6.1 security fixes

According to Apple, iOS 15.6.1 fixes two major vulnerabilities that were both exploited in the wild. Both of these vulnerabilities impacted every iPhone and iPad model capable of running iOS 15.

The first vulnerability could have allowed an application to execute arbitrary code with kernel privileges. The second vulnerability was in WebKit, the browser engine that powers Safari and all third-party browsers on iOS. For this vulnerability, Apple says that “processing maliciously crafted web content may lead to arbitrary code execution.”

Here are the full details according to Apple:

Kernel

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32894: an anonymous researcher

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

Update to iOS 15.6.1 now

With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1. You can do so by heading to the Settings app, choosing General, then choosing Software Update.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news: