iOS 17.0.1 and iOS 17.0.2 fix critical security vulnerabilities

Apple released an update just hours after the launch of the new iPhone 15 series and less than a week after iOS 17 became available for older iPhones. Surely unprecedented?

Here you will find everything you need to know.

What update do you need?

iOS 17.0.2 is required if you own an iPhone 15 series, a small but rapidly growing group. Other users require iOS 17.0.1.

Which iPhones are compatible with iOS 17.0.1 and iOS 17.0.2?

iOS 17.0.1 is compatible with iPhones released in 2018 or later. That implies that the iPhone Xs, Xs Max and Xr are the oldest phones, followed by the iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max and all subsequent phones. Contains the second and third generation iPhone SE models. iOS 17.0.2, the second new version, is only available for iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and iPhone 15 Pro Max.

How to get it

Updating to the latest software is easy and the download isn’t large (430MB on my iPhone 14 Pro Max), so it shouldn’t take long.

Launch the Settings app, then go to General and then Software Update. Of course, you will only be offered updates that are relevant to your device. Select Download and Install below and you’ll be up to date in no time.

What’s in the launch?

This update only fixes security vulnerabilities and does not contain any new functionality. These will be included in iOS 17.1, which is expected to be delivered to developers soon. In the meantime, this update aims to fix three bugs.

See also  Meta's AI chatbots come to Instagram, Facebook and WhatsApp

Apple claims that each of these issues were previously fixed in iOS 16.7. Two of the three have been improved by the current version. Two of them benefit from better controls as a result of new software and one addresses a certificate validity issue.

The most worrying thing about all three, and what no doubt fueled the rapid deployment of these patches, is that they were almost certainly actively exploited in the real world before iOS 16.7 arrived.

The first of the three is a Kernel bug, which Apple describes as “a local attacker can elevate his privileges.” The second concern, security, recognizes that malicious software “may be able to bypass signature validation.” The certificate validation issue was addressed here.

The third is a WebKit fix, which could have resulted in “arbitrary code execution” when parsing web content. It has now been fixed, as has the Kernel issue, with improved checks.

Apple, as always, says: “For the protection of our customers, Apple does not disclose, analyze or confirm security issues until an investigation has been conducted and patches or releases are available.”

Subscribe to our latest newsletter

To read our exclusive content, register now. $5/Monthly, $50/Yearly

Categories: Technology
Source: vtt.edu.vn

Leave a Comment