iOS 16.2 patches over a dozen security vulnerabilities, iOS 15.7.2 also available with fixes

Tuesday, December 13, 2022 4:17 PM

Apple on Monday released a bunch of software updates for its devices, including iOS 16.2 and iPadOS 16.2. In addition to new features, today’s updates come with multiple security patches – even for users who still have devices running iOS 15. Read on as we detail all the security patches coming with iOS 16.2 and today’s updates.

iOS 16.2 comes with multiple security patches

Just for iOS 16.2, Apple lists dozens of security breaches that have been fixed with the update. This includes patches in areas such as Accounts, AppleAVD, GPU Drivers, ImageIO, iTunes Store, and WebKit. For instance, one of these exploits allowed a malicious video file to execute kernel code without user permission. Another exploit fixed allowed apps to bypass Privacy preferences.

Just in WebKit, which is the engine for Safari and all other web browsers on iOS, Apple found and fixed seven security exploits with iOS 16.2. One of these exploits also led to arbitrary code execution, as you can see below:

WebKit

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved input validation.

These patches are also available for Mac users with macOS Ventura 13.1, Apple TV users with tvOS 16.2, and Apple Watch users with watchOS 9.2. It’s worth noting that Apple has also released iOS 15.7.2, macOS Monterey 12.6.2, and macOS Big Sur 11.7.2 with the same patches for users who haven’t (or can’t) update their devices to the latest versions of the operating systems.

Security Response updates

iOS 16.2 also features “Rapid Security Response” updates, which will provide quick security patches to iOS without the need to install an entire new version of the operating system. Apple will now be able to quickly fix security exploits without having to release a new version of iOS just for that.

When it comes to iOS 15, it’s worth noting that Apple is letting all users stay on iOS 15.7 while still receiving security patches instead of being forced to update to iOS 16. However, it’s unclear whether the company has plans to maintain support for iOS 15 for long.

You can find more details about iOS security patches and other software updates on Apple’s website.