Apple fixes critical iPhone security flaw
Apple released a software update to fix bugs related to “Find My” features and a critical security flaw — which the company said may have already been exploited.
iOS 15.0.2, released on Monday, addresses a vulnerability that allows an attacker to exploit the IOMobileFrameBuffer “to execute arbitrary code with kernel privileges” and take control of the device.
An arbitrary code execution vulnerability allows an attacker to run any program on the target device. Apple said it “is aware of a report that this issue may have been actively exploited” in iOS 15.
The release notes indicate that the update also addresses the following issues:
- Photos saved to your library from Messages could be deleted after removing the associated thread or message
- iPhone Leather Wallet with MagSafe may not connect to Find My
- AirTag might not appear in the Find My Items tab
- CarPlay may fail to open audio apps or disconnect during playback
- Device restore or update may fail when using Finder or iTunes for iPhone 13 models
Apple released its previous iOS update — 15.0.1 — on 1 October to fix the iPhone 13’s “Unlock with Apple Watch” feature.
The company is also currently beta testing iOS 15.1, including features such as support for adding a proof of vaccination card to Apple Wallet, the launch of SharePlay, and new iPhone 13 Pro camera features.
Apple SharePlay was initially intended to be released with the original build of iOS 15 but was pushed back to a later software update.