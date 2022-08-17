Apple has released iOS 15.6.1 and iPadOS 15.6.1. The release notes are simple, stating only that the update “provides important security updates and is recommended for all users.”

The security content page describes the changes in more detail, and indeed, we encourage all iPhone and iPad users to update their devices as soon as possible. According to the document, two vulnerabilities have been addressed. A kernel issue described as “an application may execute arbitrary code with kernel privileges” along with a WebKit issue described as “processing maliciously crafted web content may lead to arbitrary code execution.”

For both issues, Apple says it is aware of reports that the issue may have been actively exploited. Here are the security notes for the update:

kernel

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An application may be able to run arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed through improved boundary checking.

CVE-2022-32894: An Anonymous Investigator

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed through improved boundary checking.

CVE-2022-32893: An Anonymous Investigator

These are pretty significant security vulnerabilities. Arbitrary code execution is the worst kind of vulnerability – that’s the kind of thing that can inject background code that will run every time your phone is rebooted and do all sorts of nefarious things, bypassing regular security measures. Even worse, there may already be exploits that target these vulnerabilities.

To update your device, open Settings, tap Generalthen Software update.