iOS 15.3 is here – what’s in the iPhone update?

Just recently, atechbook reported a serious security vulnerability in iOS. Now Apple has responded by providing an update for iPhone and iPad.

In mid-January, Apple released iOS 15.2.1 to close a security hole in Apple’s smart home software HomeKit. Just under two weeks later, iOS 15.3 follows, which again brings a few more changes. Unfortunately, there are no new features, but there are plenty of bug fixes and security patches.

iOS 15.3 closes security hole in Safari

A flaw in Apple’s WebKit – the browser engine on which Safari is based – allows websites to track users across multiple pages. The problem lies in Safari’s implementation of the IndexD programming interface for JavaScript. The interface controls memory access for web pages, but it is not sufficiently secured in iOS 15. Because of this, websites can track users’ web activity and browsing history, and even find out their identities.

Apple itself describes the vulnerability, as follows: “A website can track sensitive user data”. The company has eliminated the bug in iOS 15.3 by improving input validation. The vulnerability with the identifier CVE-2022-22594 was found by the security company FingerprintJS.

Update fixes numerous other bugs

Another serious security vulnerability in iOS 15 is caused by a memory error in the “IOMobileFrameBuffer”. The frame buffer is – simply put – the part of the memory in which images are temporarily stored, which then appear on the screen. Since the IOMobileFrameBuffer is an extension of the iOS kernel, hackers can gain access to it and execute malicious code.

Access to the system kernel means virtually unfettered access to all operating system features. Apple is aware of a report that this vulnerability has been actively exploited by hackers. iOS 15.3 fixes the memory bug with improved input validation.

Another eight vulnerabilities in Apple’s WebKit, iCloud and other system components have also received patches. The complete list with all details can be found on the Apple Support page about the contents of iOS 15.3.

Also interesting: The most common bugs in iOS 15 and how to fix them.

Best to install iOS 15.3 right away

atechbook recommends installing the approximately one gigabyte update as soon as possible. Not only does it fix a serious security vulnerability in Safari. The reports about a possibly already exploited vulnerability are also worrying.

The update is available for iPhone in the form of iOS 15.3 and iPad in the form of iPadOS 15.3. It is compatible with all devices that supported iOS/iPadOS 15: iPhone 6s and newer, all iPad Pro models, iPad Air 2 and newer, iPad 5th generation and newer, iPad mini 4 and newer, and iPod touch 7th generation.