Apple iOS 15.3 and iPadOS 15.3 address a number of security vulnerabilities

By Deepak Singh | Published 28 Jan 2022 13:52 IST
  • The update fixes a vulnerability that malicious apps could exploit to run arbitrary code with kernel privileges.

  • The update also fixes the Safari bug that could let websites snoop in on a user's browsing data.

  • The update will be rolled out in a phased manner.

Apple iOS 15.3 and iPadOS 15.3 address a number of security vulnerabilities
The update doesn't add new features but fixes quite a few crucial flaws.

Apple has patched a number of security flaws including a few that may have been ‘actively exploited’ with the release of iOS 15.3 and iPadOS 15.3 updates for its mobile devices.

The updates will roll out for iPhone 6s and later, all iPad Pro variants, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and the iPod touch (7th gen).

Important Vulnerabilities Fixed

The primary vulnerability is referred to as CVE-2022-22587. This is a memory corruption bug in IOMobileFrameBuffer (or FrameBuffer) which is a kernel extension that allows app developers to control the way their app handles the phone’s display. An app exploiting this vulnerability could execute malicious code with kernel privileges. 

Another notable vulnerability was a Webkit bug in Safari, referred to as CVE-2022-22594. This bug could allow any website using a specific JavaScript API to check on another tab that the user might have opened in Safari and thus track sensitive user information. The bug could also be exploited to track a user’s browsing history and Google Account information via Safari or any other third party browser. 

iOS 15.3 addresses a total of 10 vulnerabilities and issues related to gaining root privileges, iCloud exploits. 

The security updates come a week after Apple released a fix for a bug in iOS and iPadOS that could allow HomeKit to be exploited using Denial of Service (DoS) attacks. 

Should you update to iOS 15.3 or iPadOS 15.3?

Needless to say, this is an important update that addresses several privacy and security concerns. As always, the update will be pushed in a phased manner and you can go to Settings >> General >> Software update on your device to check if you have already received it

Deepak Singh
Deepak Singh

Email Email Deepak Singh

Follow Us Facebook Logo Facebook Logo Facebook Logo

About Me: Deepak is Assistant Editor at Digit. He is passionate about technology and has been keeping an eye on emerging technology trends for nearly a decade. When he is not working, he likes to read and to spend quality time with his family. Read More


Trending Articles


Latest Articles View All