Apple iOS 18.2 Addressing Major Security Vulnerabilities, Urging Users To Update Immediately

Apple has officially rolled out iOS 18.2, introducing the first major Apple Intelligence features alongside 21 critical security updates that users are urged to apply immediately.

This update is expected to prompt many iPhone users to transition to iOS 18, given the significant security enhancements it brings.

The iOS 18.2 release addresses critical vulnerabilities in the iPhone Kernel and WebKit, the underlying engine of the Safari browser, among other issues. These patches fix flaws that could allow attackers to execute malicious code on a device.

Additionally, Apple has discontinued the option to remain on iOS 17 for devices compatible with iOS 18. For older devices, Apple released iOS 17.7.3, which addresses 14 vulnerabilities.

However, the compatibility for this update is limited to specific models, including the iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation.

This change highlights Apple’s push for users with newer devices to adopt iOS 18, as staying on iOS 17 leaves devices vulnerable.

What’s Fixed in iOS 18.2?

Apple has kept details about the iOS 18.2 security patches limited to allow users ample time to update before malicious actors can exploit the vulnerabilities.

Among the key fixes are three Kernel flaws (CVE-2024-54494, CVE-2024-54510, and CVE-2024-44245), with one potentially allowing apps to cause system crashes or corrupt Kernel memory.

A particularly concerning issue in libexpat (CVE-2024-45490) could enable remote attackers to terminate apps unexpectedly or execute code.

Apple iOS 18.2

Similarly, two libxpc vulnerabilities were patched, one of which allowed apps to gain elevated privileges.

WebKit, which powers Safari, received updates to address four flaws that could lead to memory corruption when interacting with malicious web content.

Another critical vulnerability in the Passwords app (CVE-2024-54492) was patched to resolve a risk where attackers in privileged network positions could alter traffic due to the use of unencrypted HTTP for downloading icons.

The issue was resolved by switching to HTTPS, a secure protocol. Researchers from Mysk flagged this vulnerability, noting the potential risk since iOS 18’s launch.

Sean Wright, head of application security at Featurespace, emphasized the importance of addressing the issue promptly, urging users to update as soon as possible.

Other Updates Released Alongside iOS 18.2

In addition to iOS 18.2 and iOS 17.7.3, Apple released updates across its ecosystem, including Safari 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, watchOS 11.2, tvOS 18.2, and visionOS 2.2. These updates fix various vulnerabilities, particularly in WebKit and Safari.

Why Update to iOS 18.2 Now?

The sheer number of security fixes and the fact that users cannot remain secure on iOS 17 make updating to iOS 18.2 crucial. Beyond security, the update introduces exciting new features, including the integration of OpenAI’s ChatGPT with Siri for the first time.

iOS 18.2 is available for iPhone XS and newer models, as well as various iPad generations, including iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation, iPad Air 3rd generation, iPad 7th generation, and iPad mini 5th generation.

To update, go to Settings > General > Software Update and install iOS 18.2 today to ensure your device remains secure and up-to-date with Apple’s latest innovations.

Keval Dave
Keval Dave
Keval Dave, a university student majoring in Mass Communication, possesses a profound interest in politics and strategic affairs. His analytical prowess and dedication to understanding global dynamics drive his pursuit of knowledge.
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x