Apple has just released iOS 15.3.1 and iPadOS 15.3.1, which fixes a small issue that could cause Braille displays to stop responding.
More importantly, it includes a fix for a critical Webkit zero-day vulnerability that may have already been used in the wild. Apple’s release notes describe the security content as follows:
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A use after free issue was addressed with improved memory management.
- CVE-2022-22620: an anonymous researcher
Webkit is Apple’s web rendering engine, and it is required to be used by all browsers on iOS and iPadOS, not just Safari. This means that no matter what browser you use on your iPhone or iPad, it’s possible for users to craft web content in such a way that it allows them to run anything on your device. And worse, it may have already been used in the real world, rather than just discovered by security researchers.
In other words, you want to get this patch as soon as possible. To do so, open the Settings app, tap General, then Software Update.
