Update Dec. 12, 2024: This story, published on Dec. 11, now includes details about the Passwords flaw patched in iOS 18.2 and other updates issued by Apple.
With it, Apple issued iOS 18.2 and an added suite of the first major features from Apple Intelligence. There are also 21 security flaws Apple told you to patch on your iPhone right now.
For many users, iPhone settings iOS 18.2 will act as a gateway to the upgrade on iOS 18 and the promised security fixes in this release should serve as important leverage. This upgrade iOS 18.2 has important patches coming through the iPhone kernel interface and Webkit—the very underbelly of the Safari browser, the vulnerabilities that allow attackers to execute their malicious codes directly onto your device.
The release of iOS 18.2 comes as Apple announces the end of the option to select between upgrading or not upgrading to iOS 18.
Furthermore, along with iOS 18.2, Apple also released iOS 17.7.3 to users who had devices on the older operating system, fixing a list of 14 flaws on each of those older devices. It should be noted, however, that the list of compatible devices is much smaller than earlier iterations of the iOS 17 updates, with only the iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation now being represented by Apple’s iOS 17.7.3 updates.
This means Apple is no longer going to allow you the option to remain on iOS 17 if you have a device capable of running iOS 18. And if you choose to remain on the older iOS 17, it also means you are no longer secure.
What’s Up In iOS 18.2?
Apple does not publicly disclose detailed information them fixing the various flaws in iOS 18.2; it gives users of iPhones time to update before malicious actors can get access to those details.
Among the issues fixed in iOS 18.2 are three Kernel bugs tracked as CVE-2024-54494, CVE-2024-54510, and CVE-2024-44245, the latter of which could allow an application to unexpectedly terminate the system or corrupt Kernel memory, according to Apple support page.
An alarming possibility is libexpat’s issue tracked as CVE-2024-45490, where an attacker operating remotely could force unexpected terminations of the target application or execute some code.
By fixing iOS 18.2 vulnerabilities, Apple puts itself at ease from two vulnerabilities in libxpc, which a bogus application could use to seize the power of the execution.
Four vulnerabilities patched in WebKit could have allowed memory corruption if someone was tricked into interacting with compromised Web content.
Also of concern, according to researchers at Mysk, is a flaw in Passwords that has been tracked as CVE-2024-54492. The patch from iOS 18.2 allows an attacker from a privileged network position to change network traffic.
To fix this issue, sending data over a network is done securely via the web protocol HTTPS. “Passwords, since iOS 18, had relied on unencrypted HTTP to pull icons for password entries—this was a potential risk,” said the Mysk researchers.
Sean Wright, an application security leader with Featurespace, highlights the Passwords bug using HTTP instead of HTTPS as “the worry growing.” Update, Wright adds. By pointing out Apple’s new Intelligence features.
Other Apple Fixes Alongside iOS 18.2
Also unveiled alongside iOS 18.2 and iOS 17.7.3, Apple unveiled Safari 18.2 addressing four WebKit issues and a problem with Safari. Other releases included macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, watchOS 11.2, tvOS 18.2, and visionOS 2.2.
A Positive Case for Upgrading To iOS 18.2
If security updates are anything to go by and on the fact you cannot remain on iOS 17 if you wish security, that should be sufficient backing for you to make an immediate switch to iOS 18.2. Apple’s iOS 18.2 also entails features that are quite good, such as OpenAI’s ChatGPT to be integrated with Siri for the very first time.
Apple’s iOS 18.2 runs on iPhone XS and higher while being available on iPad Pro 13-inch, iPad Pro 12.9-inch on 3rd generation and higher, iPad Pro 11-inch on 1st generation and higher, iPad Air 3rd generation onwards, iPad 7th generation onward, and iPad mini 5th generation onward.
So, what are you waiting for? Head to Settings -> General -> Software Update and update yourself to iOS 18.2 as soon as possible.
No comments yet