Apple fixes two major security flaws with iOS 15.7.5, now available
iOS 15.7.5 is now out to all eligible iPhones with the sole purpose of squashing two serious vulnerabilities that may very well have been abused by ill-doers. The iPadOS 15.7.5 hotfixing software was also released to all iPads that support that respective version of the OS.
Aside from patching the vulnerabilities in question, iOS 15.7.5 doesn't really bring any new features on board, so don't get your hopes up. But what are the security problems that necessitated the hotfix? As per Apple, these affect:
Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved input validation.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A use-after-free issue was addressed with improved memory management.
- IOSurfaceAccelerator
Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved input validation.
- WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A use-after-free issue was addressed with improved memory management.
iOS 15.7.5 is currently available to the iPhone 6s/6s Plus, iPhone 7/7 Plus, iPhone SE 1st Gen, iPad Air 2, iPad mini 4th Gen, and iPod Touch 7th Gen. To get the update, head to your Settings app, go in General, tap on Software Update, and follow the on-screen instructions.
Things that are NOT allowed: