iOS 15.2.1 here! Should you install the iPhone update immediately?

Only recently, atechbook reported about a serious security vulnerability in iOS. Now Apple has reacted and provides an update for iPhone and iPad.

The last iOS update to version 15.2 is already a month old and brought many new features. Now, on the other hand, a small security update follows in the form of iOS 15.2.1, which eliminates a vulnerability that hackers could use to render the iPhone and iPad unusable.

iOS 15.2.1 closes vulnerability in HomeKit

As atechbook already reported, a vulnerability in Apple’s HomeKit can be used by attackers to render iPhone or iPad completely unusable. HomeKit is Apple’s interface for smart home devices. Attackers can exploit the flaw by renaming a device to a 500,000-character string. HomeKit cannot process this, which in the worst case causes the iPhone to crash again and again – even after resetting to factory settings. Attacks of this kind are called DDoS – distributed denial of service attacks. DDoS attacks cause the end device to crash by overloading it.

As usual, Apple has set up a dedicated support page for the new update, which explains the contents of the security update. Apple received the tip for the vulnerability from security researcher Trevor Spiniolas back in August 2021. However, it was only after Spiniolas reported the flaw in HomeKit on his own initiative at the beginning of January 2022 that the company now took action. The vulnerability, with the identifier CVE-2022-22588, has received an entry in the database of known vulnerabilities and susceptibilities (CVE).

On its support page, Apple describes the vulnerability as follows: “Processing a maliciously crafted HomeKit accessory name can generate a denial of service.” iOS 15.2.1, meanwhile, is said to address the resource overload issue through improved input validation.

Update fixes more bugs

Apart from the security patch, iOS 15.2.1 also includes bug fixes for Messages (iMessage) and CarPlay. In previous iOS versions, a bug can occur that causes third-party CarPlay apps to not respond to user input. Messages did not display photos sent with an iCloud link in some cases. Both bugs should be fixed by the iOS update.

Also of interest: the most common bugs in iOS 15 and how to fix them.

Best to install iOS 15.2.1 right away

atechbook recommends installing the approximately 970 megabyte update as soon as possible. This will allow you to protect iPhone and iPad from attacks. The security update is available for iPhone in the form of iOS 15.2.1 and iPad in the form of iPadOS 15.2.1. It is compatible with all devices that supported iOS/iPadOS 15: iPhone 6s and newer, all iPad Pro models, iPad Air 2 and newer, iPad 5th generation and newer, iPad mini 4 and newer, and iPod touch 7th generation.

Source

Apple support