Apple releases iOS 11.2.2 security update with Spectre mitigations for Safari

Posted · Add Comment

Apple has released iOS 11.2.2 for iPhone and iPad. The software update highlights security improvements and Apple “recommends for all users.”

Apple hasn’t disclosed exactly what security issues are addressed by iOS 11.2.2, but we can expect to see details on Apple’s security page shortly. We’ll update when we learn more about the new version. For now, non-beta users can find iOS 11.2.2 for iPhone and iPad as a software update over-the-air through the Software Update section of the Settings app.

The update could relate to the recently disclosed Spectre and Meltdown flaws discovered in most computer processors including ones used in iPhones and iPads. Apple acknowledged both issues last week and said it already addressed issues that could affect iOS and macOS while risks to Safari would be addressed soon.

Update: Apple says the update is for Safari to address the Spectre vulnerability.

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Description: iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.

By: Zac Hall

Leave a Reply