iPadOS 15.7 released for iPad


Apple has released a new update for the iPad, iPadOS 15.7, the software was released at the same time as the iOS 16 and watchOS 9 software updates.

Apple also released macOS Bug Sur 11.7 and macOS Monterey 12.6, and all of these updates come with a bunch of security fixes for some important issues.

You can see the security release notes below.

It was released on September 12, 2022

Contacts

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The app may be able to override your privacy preferences

Description: This issue was addressed with improved checks.

CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security

beads

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The application may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32911: Zweig from Kunlun Lab

beads

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An application may be able to detect kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

beads

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue has been actively exploited.

Description: The issue was addressed with improved bounds checks.

CVE-2022-32917: Unidentified Researcher

maps

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The app may be able to read sensitive location information

Description: A logic issue was addressed with improved constraints.

CVE-2022-32883: Ron Masas, breakpointhq.com

Media Library

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: Unidentified Researcher

Safari

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Visiting a malicious website may lead to address bar spoofing

Description: This issue was addressed with improved checks.

CVE-2022-32795: Narendra Bhati from Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati

safari accessories

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: The website may be able to track users through Safari web extensions

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 242278
CVE-2022-32868: Michael

abbreviations

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A person with physical access to an iOS device may be able to access photos from the lock screen

Description: A logic issue was addressed with improved constraints.

CVE-2022-32872: Elite Tech Guru

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969
CVE-2022-32886: P1umer, afang5472, xmzyshypnc

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Read out of bounds was handled with improved bounds checking.

WebKit Bugzilla: 242762
CVE-2022-32912: Jeonghoon Shin (@singi21a) in Theori working with Trend Micro’s Zero Day Initiative

It is recommended that you install the iPadOS 15.7 software update on your device, and you can install the update by going to Settings > General > Software Update on your device and clicking Install update.





Source link

Leave a Reply

Your email address will not be published.