As expected, Apple today released iOS 17.1.2 and iPadOS 17.1.2, security updates to the iOS 17 and iPadOS 17 operating systems that Apple released in September.
iOS 17.1.2 and iPadOS 17.1.2 can be downloaded on compatible iPhones and iPads over-the-air by going to “Settings” -> “General” -> “Software Update.”
According to Apple’s release notes, iOS 17.1.2 includes important security fixes that address vulnerabilities that may have already been exploited in earlier versions of iOS.
Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Michael Covington, VP of Portfolio Strategy at Jamf commented on today’s release, as well as the macOS Sonoma 14.1.2 update released today that addresses the same security flaws in macOS.
These latest OS updates, which address bugs in Appleās WebKit, show that attackers continue to focus on exploiting the framework that downloads and presents web-based content. The latest bugs could lead to both data leakage and arbitrary code execution, and appear to be tied to targeted attacks that are common against high-risk users.
Despite these vulnerabilities being actively exploited, Apple continues to rapidly respond to address product issues. In addition to maintaining their own monitoring mechanisms to detect malicious activity, Apple collaborates with researchers in the community and runs an active bug bounty program.
Though these patches validate that Apple devices are not immune to cyber threats, the patching process is helping to reduce the attack surface. Now that the patches are issued, it is up to users, and organizations that utilize Apple devices for work, to update their devices and monitor for compliance to ensure that all critical devices are no longer vulnerable as soon as possible.
Apple currently has a major iOS 17.2 update in beta testing. That update is expected to be released in December.
