Apple Suddenly Releases Urgent Update For All iPhone Users

by

This post was updated on November 30, 2023, to add Apple’s security notes and details of what it means.

The iOS 17.1.1 iPhone update landed on Tuesday, November 7, 2023. Just three weeks later, Apple has delivered its next release, iOS 17.1.2, warning all users to update now. Here’s what’s in it and how you can get it straight away.

Which iPhones Can Run iOS 17.1.2?

Like all the releases since the arrival of iOS 17 back in September, this new update is compatible with all iPhones released in 2018 or after. That means iPhone Xs, iPhone Xs Max and iPhone Xr from 2018, then iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, plus all the iPhone 13, iPhone 14 and iPhone 15 variants. It also includes iPhone SE second- and third-generation models.

MORE FROM FORBESApple Makes Surprise Free Offer To All iPhone 14 UsersBy David Phelan

How To Get It

On your iPhone, open the Settings app, choose General, then Software Update. Here, you’ll see sections on Automatic Updates, and Beta Updates. Whether you have automatic updates on or off, you can choose to download the new software now. Pick Download and Install, and your iPhone will be ready in no time.

What’s In The Release

This update has been something of a surprise. We were all waiting for iOS 17.2, which is expected in December and includes a number of new features as well as bug fixes.

But last week there were rumors of an in-between release, and that’s what this is. It’s not a Rapid Security Response, the kind that Apple pioneered earlier this year and which is designed to ensure that the most urgent security fixes can be deployed as soon as possible, without waiting for the next regular update. Those are exclusively for security fixes, that is, they can’t include new features, for instance. RSRs are easily spotted by the bracketed letter at the end of the version number, and they can’t be added to whole-number updates. In other words, while you could have iOS 17.1.1 (a), you couldn’t have iOS 17 (a). Anyway, this isn’t an RSR.

However, there are no new features. Apple merely says, “This update provides important security fixes and is recommended for all users.”

It looks like we need to wait for iOS 17.2, expected in December, for shiny new features, including the much-anticipated Journal app, changes to the Apple TV app and ways to change notification sounds.

Update: Apple’s security notes.

Apple has now published its security notes, and it’s now clear that’s why this update has landed when it did. When you see the words “this issue may have been exploited,” as appear in the notes, it’s an indication that the update is urgent and deals with important stuff. In this case, both fixes are for WebKit, Apple’s web browser engine, the first where sensitive information could have been disclosed, while the other may have been exploited for arbitrary code execution. Full notes below. I’ll be looking into how successful this release has been or whether it’s caused problems, and advising whether you should update or not. So, please check back for that tomorrow.

WebKit

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.

Description: An out-of-bounds read was addressed with improved input validation.

WebKit Bugzilla: 265041

CVE-2023-42916: Clément Lecigne of Google’s Threat Analysis Group

WebKit

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.

Description: A memory corruption vulnerability was addressed with improved locking.

WebKit Bugzilla: 265067

CVE-2023-42917: Clément Lecigne of Google’s Threat Analysis Group

MORE FROM FORBESApple iPhone iOS 17 NameDrop Causes Security Panic: Should You Be Worried?By David Phelan

Follow me on Twitter

I’ve been writing about technology for two decades and am routinely struck by how the sector swings from startling innovation to persistent repetitiveness. My areas of specialty are wearable tech, cameras, home entertainment and mobile technology. I also work as an actor, enjoying equally the first Mission Impossible movie, a season at Shakespeare’s Globe and a part in the fourth series of The Crown. 

I’ve written for the Daily Telegraph, the Sunday Times, the Daily Mail, the Sun, Metro, Stuff, T3, Pocket-lint, Wareable.com and Wired. Right now most of my work away from Forbes appears in the Independent, the Evening Standard and Monocle Magazine. Follow me on Instagram: davidphelantech, or Twitter: @davidphelan2009.

Read MoreRead Less

Reference 

Denial of responsibility! Elite News is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a comment

About Contact Privacy Policy Cookie Policy Terms of USE Disclaimer DMCA

© 2024 Elite News. All Rights Reserved. Website Design and Created by Team Elite News