The bumper security patch is detailed on Apple’s support page, with multiple issues enabling an application to “execute arbitrary code with kernel privileges”, while others even involved compromising system privileges.
There are also references to potential security vulnerabilities that could allow attackers to gain access to the device’s read and write privileges. A Safari Private Browsing flaw would enable malicious websites to track that activity, and another security issue could allow a malicious app to bypass signature validation.
Apple also describes a flaw with Shortcuts that would enable someone with physical access to a user’s iOS device to access their photos from the lock screen.
It’s quite the laundry list of vulnerabilities Apple is plugging today, which you can see here. Even though the company isn’t describing this as a critical update, as it often does, we’d recommend you install this on your phone and tablet as soon as possible.
Elsewhere there are feature updates arriving within iOS 15.5, pertaining to Apple Cash, Apple Podcasts and also a fix for a home automations feature.
The release noes are as follows:
- Wallet now enables Apple Cash customers to send and request money from their Apple Cash card.
- Apple Podcasts includes a new setting to limit episodes stored on your iPhone and automatically delete older ones.
- Fixes an issue where home automations, triggered by people arriving or leaving, may fail.