Over the past few months, there’s been a lot of focus on iOS 16, iPadOS 16, and the all-new iPhone 14 lineup. However, there are those who are still using older iPhones that don’t support iOS 16, leaving them running iOS 15. While this might seem like an annoyance for some, the nice thing is that Apple doesn’t leave them in the complete dark after migrating to an updated mobile operating system.
Because iPhone owners still use older hardware that’s not supported by the latest software versions, Apple has had to pivot in recent years. Instead of leaving your iPhone or iPad “alone”, we’ve started seeing Apple release updates designed to fix bugs. But perhaps even more importantly, these updates are also filled with security patches that fix any potential vulnerabilities found in iOS or iPadOS.
And that’s precisely what we have with iOS 15.7.1, as this update doesn’t bring any new features. Instead, it just focuses on patching vulnerabilities if you’re using a device that isn’t supported by iOS 16 or iPadOS 16. As a side note, Apple does point out that these vulnerabilities have also been patched with the latest stable release of iOS 16.1 and iPadOS 16.1.
iOS 15.7.1 Changelog
If you wanted to get a better idea of what is included in this latest update, Apple also provided an official changelog with all of the vulnerabilities that were patched.
Apple Neural Engine:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32932: Mohamed Ghannam (@_simo36)
Audio:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information
Description: The issue was addressed with improved memory handling.
CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative
Backup:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to access iOS backups
Description: A permissions issue was addressed with additional restrictions.
CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security
FaceTime
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A user may be able to view restricted content from the lock screen
Description: A lock screen issue was addressed with improved state management.
CVE-2022-32935: Bistrit Dahal
Graphics Driver
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin
Image Processing
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: This issue was addressed with improved checks.
CVE-2022-32949: Tingting Yin of Tsinghua University
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2022-42827: an anonymous researcher
Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A logic issue was addressed with improved checks.
CVE-2022-42801: Ian Beer of Google Project Zero
Model I/O
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may disclose memory contents
Description: The issue was addressed with improved memory handling.
CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab
ppp
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A buffer overflow may result in arbitrary code execution
Description: The issue was addressed with improved bounds checks.
CVE-2022-32941: an anonymous researcher
Safari
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Visiting a maliciously crafted website may leak sensitive data
Description: A logic issue was addressed with improved state management.
CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago
WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may disclose internal states of the app
Description: A correctness issue in the JIT was addressed with improved checks.
WebKit Bugzilla: 242964
CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab
Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app
Description: The issue was addressed with improved memory handling.
CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan
zlib
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A user may be able to cause unexpected app termination or arbitrary code execution
Description: This issue was addressed with improved checks.
Andrew is a freelance writer based on the East Coast of the US.
He has written for a variety of sites over the years, including iMore, Android Central, Phandroid, and a few others. Now, he spends his days working for an HVAC company, while moonlighting as a freelance writer at night.
I bought the latest ipod with iOS 15.7.1. I’m using it mainly to listen to music. The shuffle app leaves much to be desired. My old nano allowed me to shuffle and not repeat. It seems like I am constantly listening to to same songs with the newer ipod and I see no setting for do not repeat. What gives?
Orgito Selmanaj says
How to get Update for iPhone 7+ iOS 16 please
jennifer says
I bought the latest ipod with iOS 15.7.1. I’m using it mainly to listen to music. The shuffle app leaves much to be desired. My old nano allowed me to shuffle and not repeat. It seems like I am constantly listening to to same songs with the newer ipod and I see no setting for do not repeat. What gives?