iOS 15.5—Apple Issues iPhone Security Update Warning for millions | #ios | #apple | #iossecurity


Almost exactly two months ago, Apple released iOS 15.4 which addressed a hefty 39 security issues for millions of iPhone users. Now there’s another critical security update in the shape of iOS 15.5 which also really needs to be installed as soon as possible.

What should be, saving any emergency security updates, the final iOS 15 iteration before iOS 16 is released, has now landed. The functionality enhancements for Apple Cash, Apple Podcasts, and Apple Messages are explained in this article by David Phelan. However, my beat is security, and as that was the reason why I switched from an Android device to an iPhone a couple of years back, here’s what 15.5 brings to the smartphone security party and why you should update now.

MORE FROM FORBESApple’s Stunning 2022 Security Pact With Google, Microsoft Revealed

The massive iOS 15.5 security update in detail

This crucial iOS update comes with fixes for some 34 vulnerabilities, covering the full gamut of exploit opportunities from executing arbitrary code with kernel or system privileges, to sandbox restriction bypass, denial of service, and privilege elevation.

Like Google with Chrome updates, Apple doesn’t disclose security issues in full technical detail until an update has been made available and a majority users have had a chance to install this. However, some of the impacts should a vulnerability be exploited by a threat actor, as confirmed by Apple include:

  • Arbitrary code execution by processing a maliciously crafted image
  • Processing of a ‘large input’ could lead to denial of service
  • The tracking of users in Safari’s private browsing mode by a malicious website
  • Access to photos from the lock screen (requires physical access)
  • Code execution by way of malicious web content processing

The full list of Common Vulnerabilities and Exposures (CVE) references is as follows:

  1. CVE-2015-4142
  2. CVE-2022-22673
  3. CVE-2022-22677
  4. CVE-2022-23308
  5. CVE-2022-26700
  6. CVE-2022-26701
  7. CVE-2022-26702
  8. CVE-2022-26703
  9. CVE-2022-26706
  10. CVE-2022-26709
  11. CVE-2022-26710
  12. CVE-2022-26711
  13. CVE-2022-26714
  14. CVE-2022-26716
  15. CVE-2022-26717
  16. CVE-2022-26719
  17. CVE-2022-26731
  18. CVE-2022-26736
  19. CVE-2022-26737
  20. CVE-2022-26738
  21. CVE-2022-26739
  22. CVE-2022-26740
  23. CVE-2022-26744
  24. CVE-2022-26745
  25. CVE-2022-26751
  26. CVE-2022-26757
  27. CVE-2022-26760
  28. CVE-2022-26762
  29. CVE-2022-26763
  30. CVE-2022-26764
  31. CVE-2022-26765
  32. CVE-2022-26766
  33. CVE-2022-26768
  34. CVE-2022-26771

MORE FROM FORBESGoogle Details 2 ‘Impressive’ Zero-Day iOS/iMessage Security Exploits In New Report

Don’t delay, update to iOS 15.5 today

Although none of the security vulnerabilities patched by the iOS 15.5 update are of the zero-day variety, and none are known to have been exploited by threat actors at this point, that is no excuse for complacency. Now that the fixes are out, it’s a race against time as those who would do you harm look for ways to exploit those vulnerabilities. Most of the security issues have serious enough consequences that updating your iPhone really should be a no-brainer. As Kate O’Flaherty from the Forbes Straight Talking Cyber (STC) team says in the video at the top of this article, the benefits of securing your smartphone outweigh the risks of a functionality bug, more often than not. Of course, your particular use case may mean that holding off on an update is the preferred option but, for the vast majority of users, the ‘don’t delay, update today’ advice stands firm. Ensuring your device is backed up to iCloud or your own computer is recommended before you start any update, of course.

Updating your iPhone: step-by-step

First and foremost, STC recommends that you set your iPhone to update automatically. You can do this by heading to Settings|General|Software Update|Automatic Updates and your iPhone should then update overnight as long as it is charging and connected to Wi-Fi.

Regardless of your automatic update status, unless you have got a notification informing you that your iPhone has already updated to 15.5, it is recommended that you go check and force the issue.

Head to Settings|General|Software Update and start the process.

You will see a progress bar with the download status followed by the preparing update one. Be warned, this can take some time so don’t panic, just wait it out.

Your iPhone will restart, eventually. On my iPhone 13 Pro connected to gigabit broadband, it took around 15 minutes to complete the iOS 15.5 update. Once your device has restarted you will see the above confirmation on your lock screen which means that your device is up to date with security fixes.



Original Source link

Leave a Reply

Your email address will not be published.

3 + four =