Apple has released iOS 15.6.1 and iPadOS 15.6.1. The release notes are simple, stating only that the update “provides important security updates and is recommended for all users.”
The security content page spells out the changes in more detail, and indeed, we recommend all iPhone and iPad users update their devices as soon as possible. There are two vulnerabilities addressed, according to the document. A Kernel issue described as “an application may be able to execute arbitrary code with kernel privileges,” along with a WebKit issue described as “processing maliciously crafted web content may lead to arbitrary code execution.”
For both of these issues, Apple says they are aware of reports that the issue may have been actively exploited. Here are the security notes for the update:
Kernel
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
- Description: An out-of-bounds write issue was addressed with improved bounds checking.
- CVE-2022-32894: an anonymous researcher
WebKit
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An out-of-bounds write issue was addressed with improved bounds checking.
- CVE-2022-32893: an anonymous researcher
These are pretty significant security problems. Arbitrary code execution is the worst possible sort of vulnerability–that’s the kind of thing that can inject background code that runs every time your phone restarts and can get up to all sorts of nefarious business, circumventing regular security measures. It’s worse that there may already be exploits out there that target these vulnerabilities.
To update your device, open Settings, tap General, then Software Update.
For more tips read: iPhone security tips: How to protect your phone from hackers.
Author: Jason Cross, Senior Editor
I have written about technology for my entire professional life - over 25 years. I enjoy learning about how complicated technology works and explaining it in a way anyone can understand.