Notebookcheck Logo

Apple releases new iOS and iPadOS updates to address ten security issues

iOS 15.3 and iPadOS 15.3 are rolling out now to multiple devices. (Image source: Apple)
iOS 15.3 and iPadOS 15.3 are rolling out now to multiple devices. (Image source: Apple)
Apple has started rolling out iOS 15.3 and iPadOS 15.3 to multiple devices. The two OS updates contain fixes for at least ten security issues but lack any new features or changes. iOS 15.3 and iPadOS 15.3 are large updates too, considering their contents.
Apple iOS iPad Pro Security Software

Apple has released more security-focused updates for iOS and iPadOS, two weeks after the company issued versions 15.2.1 for both operating systems. While the two changelogs only clarify that iOS 15.3 and iPadOS 15.3 include 'bug fixes and security updates', a support document explains that iOS 15.3 and iPadOS 15.3 address the following security issues:

iOS 15.3 and iPadOS 15.3 - CVEs

  • ColorSync - CVE-2022-22584

    • Impact: Processing a maliciously crafted file may lead to arbitrary code execution
    • Description: A memory corruption issue was addressed with improved validation.

  • Crash Reporter - CVE-2022-22578

    • Impact: A malicious application may be able to gain root privileges
    • Description: A logic issue was addressed with improved validation.

  • iCloud - CVE-2022-22585

    • Impact: An application may be able to access a user's files
    • Description: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.

  • IOMobileFrameBuffer - CVE-2022-22587

    • Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
    • Description: A memory corruption issue was addressed with improved input validation.

  • Kernel - CVE-2022-22593

    • Impact: A malicious application may be able to execute arbitrary code with kernel privileges
    • Description: A buffer overflow issue was addressed with improved memory handling.

  • Model I/O - CVE-2022-22579

    • Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution
    • Description: An information disclosure issue was addressed with improved state management.

  • WebKit - CVE-2022-22589

    • Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript
    • Description: A validation issue was addressed with improved input sanitization.

  • WebKit - CVE-2022-22590

    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution
    • Description: A use after free issue was addressed with improved memory management.

  • WebKit - CVE-2022-22592

    • Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
    • Description: A logic issue was addressed with improved state management.

  • WebKit Storage - CVE-2022-22594

    • Impact: A website may be able to track sensitive user information
    • Description: A cross-origin issue in the IndexDB API was addressed with improved input validation.

The same support document adds that iOS 15.3 fixes these CVEs for the iPhone 6s and later. By contrast, iPadOS 15.3 resolves the same issues for all iPad Pro models, along with the iPad Air 2iPad 5th generationiPad mini 4 and the iPod Touch (7th Gen) or later. Both updates are rolling out now as over-the-air (OTA) downloads globally and can be triggered by navigating to Settings > General > Software Update.

For reference, iOS 15.3 and iPadOS 15.3 are rather large downloads. Download sizes vary too, with the iPhone 13 mini receiving a 1.06 GB update, compared to the sub-1 GB download for its predecessor. Additionally, iPadOS 15.3 is a circa 800 MB download for the iPad Pro 11 (2020). Unfortunately, neither OS update, the third major revision for iOS 15 and iPadOS 15, contain any feature updates or changes.

Purchase the Apple Watch Series 7 on Amazon

(Image source: NotebookCheck)
(Image source: NotebookCheck)

Source(s)

Apple (1) (2) via MacRumors

Related Articles

Apple iPhone 15 Pro Max flagship (Source: Apple)
iOS 17.0.1, iPadOS 17.0.1, and macOS 13.6 bring critical security patches 09/25/2023
While iOS 15.5 may seem like an incremental update, a quick dive below the surface proves there's a lot more than meets the fingers. (Image source: Apple/edited)
iOS 15.5 takeaways: 6 undeniably helpful features and future indicators 05/24/2022
iOS 16? I'm just here for the Apple Park transitions. (Image source: Apple/Unsplash/Own)
Apple iOS 16: 4 features that fans want the most 03/16/2022
The next iPad Air could offer significant upgrades compared to the 2020 version. (Image source: Sayan Majhi)
iPad Air 5 to launch with an Apple M1, 5G connectivity and in a new purple colourway 03/08/2022
Apple releases new iOS and iPadOS versions. (Source: Apple)
Apple releases the incremental iOS and iPadOS 15.3.1 update to fix a crucial security discrepancy 02/11/2022
Make your iPad last longer than ever before with these helpful tips! (Image Source: Unsplash)
4 ways you can maximize battery life on your iPad 02/10/2022
Apple's new feature in action. (Source: Apple)
Apple's new Tap to Pay on iPhone feature raises hopes of on-device crypto transactions in the near future 02/09/2022
The next iPhone SE could launch in India with three memory configurations. (Image source: AB)
Apple rumoured to be testing a new budget iPad, iPhone SE 5G and iPad Air 5 in India ahead of spring launches 02/02/2022
iPad Pro pictured with Magic Keyboard (Image Source: Unsplash)
4 gamechanging keyboard shortcuts that every iPad user should know 01/31/2022
The new C6 camera. (Source: EZVIZ)
EZVIZ pitches its new C6 camera at parents or pet-owners anxious about leaving the home for work again 01/29/2022
Widgets could become more interactive with iOS 16. (Image source: Omid Armin)
Recent iPhones could receive interactive widgets with iOS 16 01/28/2022
Safari on macOS and iOS 15 suffers from a serious privacy violation bug. (Image Source: Apple)
Unpatched Safari 15 bug on macOS, iOS 15, and iPadOS 15 found to expose browsing history and Google account info 01/17/2022
Versions 15.2.1 of iPadOS and iOS are rolling out now. (Image source: Apple)
Apple releases iPadOS 15.2.1 and iOS 15.2.1 to address a long-standing security flaw for both operating systems 01/13/2022
Apple has deleted all references to its CSAM initiative. (Image source: Jeremy Bezanger)
Apple pulls controversial CSAM plans to scan the Photos app in iOS and iPadOS for nude pictures of children from its website 12/16/2021
iOS is one of five operating systems that Apple has updated today. (Image source: Apple)
HomePod 15.2, iOS 15.2, iPadOS 15.2 and watchOS 8.3 begin rolling out across Apple devices 12/14/2021
Apple's new Messages update might act like this. (Source: Bloomberg)
iOS 15.2 is the update in which Apple will start to roll its anti-CSAM system out 12/12/2021
Since iPhones are not transparent, iOS 15.2 will introduce a new feature that allows users to check the repair history of their device (Image: Frankie)
iOS 15.2 update shows whether or not genuine Apple parts were used in iPhone repairs 12/08/2021
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2022 01 > Apple releases new iOS and iPadOS updates to address ten security issues
Alex Alderson, 2022-01-27 (Update: 2022-01-27)