Apple has issued iOS 16.2, fixing a hefty 35 security vulnerabilities, some of which are serious.
Among the security issues fixed in iOS 16.2 are six in the Kernel at the heart of the iPhone operating system and nine in WebKit, the engine that powers Apple’s Safari browser. The WebKit vulnerabilities patched in iOS 16.2 include issues that could lead to arbitrary code execution, according to Apple’s support page.
The issues fixed in the Kernel include CVE-2022-46689, reported by security researcher Ian Beer at Google’s Project Zero initiative, which could see an app able to execute arbitrary code with Kernel privileges. Another serious Kernel issue fixed in iOS 16.2—CVE-2022-42842—could see code execution performed remotely.
Update to iOS 16.2 as soon as you can
While the security vulnerabilities fixed in iOS 16.2 are large in number and serious, none have been used in real-life attacks yet. However, it makes sense to update now to keep your iPhone as secure as possible.
MORE FOR YOU
Apple’s iOS 16.2 also includes some major security upgrades, including end-to-end encryption for more iCloud categories, which is rolling out first to users in the U.S. The iOS 16.2 update also includes added privacy and security protections for AirDrop—a feature available to everyone now.
While the iOS 16.2 update brings some new and exciting features, it also comes with important security updates, says independent security researcher Sean Wright. He says chaining some of the vulnerabilities fixed in iOS 16.2 together could “potentially allow an attacker to gain full control of a device remotely”—although he concedes the likelihood of this happening is small.
“For most users this isn’t something to be too alarmed by. However, I would still recommend you update when you can,” Wright says.
Apple issues iOS 15.7.2—an urgent update for those still on iOS 15
In addition to iOS 16.2, Apple also issued iOS 15.7.2 for people with older iPhones who are still on the iPhone maker’s older operating system iOS 15. This is an urgent update as it fixes an already exploited security issue in WebKit—CVE-2022-42856—also fixed in iOS 16.1.2.
Apple says iOS 15.7.2 is available for the following devices: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
If you have an iPhone 8 or above, security updates and a bunch of new features make iOS 16.2 well worth the upgrade. Go to your Settings > General > Software Update and upgrade to iOS 16.2 now to keep your iPhone safe.