AppleToolBox

Tools and Fixes for Mac, iPad, iPhone & iWatch

CATEGORIES

SITE

You are here: Home / News / What’s New With iOS 15.7.1?

What’s New With iOS 15.7.1?

By 2 comments Last updated December 29, 2022

Over the past few months, there’s been a lot of focus on iOS 16, iPadOS 16, and the all-new iPhone 14 lineup. However, there are those who are still using older iPhones that don’t support iOS 16, leaving them running iOS 15. While this might seem like an annoyance for some, the nice thing is that Apple doesn’t leave them in the complete dark after migrating to an updated mobile operating system.

Related Reading

What’s New With iOS 15.7.1?

Because iPhone owners still use older hardware that’s not supported by the latest software versions, Apple has had to pivot in recent years. Instead of leaving your iPhone or iPad “alone”, we’ve started seeing Apple release updates designed to fix bugs. But perhaps even more importantly, these updates are also filled with security patches that fix any potential vulnerabilities found in iOS or iPadOS.

And that’s precisely what we have with iOS 15.7.1, as this update doesn’t bring any new features. Instead, it just focuses on patching vulnerabilities if you’re using a device that isn’t supported by iOS 16 or iPadOS 16. As a side note, Apple does point out that these vulnerabilities have also been patched with the latest stable release of iOS 16.1 and iPadOS 16.1.

iOS 15.7.1 Changelog

If you wanted to get a better idea of what is included in this latest update, Apple also provided an official changelog with all of the vulnerabilities that were patched.

  • Apple Neural Engine:
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: The issue was addressed with improved memory handling.
      • CVE-2022-32932: Mohamed Ghannam (@_simo36)
  • Audio:
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
    • Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information
    • Description: The issue was addressed with improved memory handling.
    • CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative
  • Backup:
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
    • Impact: An app may be able to access iOS backups
    • Description: A permissions issue was addressed with additional restrictions.
    • CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security
  • FaceTime
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: A user may be able to view restricted content from the lock screen
      • Description: A lock screen issue was addressed with improved state management.
      • CVE-2022-32935: Bistrit Dahal
  • Graphics Driver
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: The issue was addressed with improved bounds checks.
      • CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin
  • Image Processing
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: This issue was addressed with improved checks.
      • CVE-2022-32949: Tingting Yin of Tsinghua University
  • Kernel
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: A memory corruption issue was addressed with improved state management.
      • CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai
  • Kernel
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: A race condition was addressed with improved locking.
      • CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)
  • Kernel
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
      • Description: The issue was addressed with improved bounds checks.
      • CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai
  • Kernel
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
      • Description: An out-of-bounds write issue was addressed with improved bounds checking.
      • CVE-2022-42827: an anonymous researcher
  • Kernel
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: An app may be able to execute arbitrary code with kernel privileges
      • Description: A logic issue was addressed with improved checks.
      • CVE-2022-42801: Ian Beer of Google Project Zero
  • Model I/O
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: Processing a maliciously crafted USD file may disclose memory contents
      • Description: The issue was addressed with improved memory handling.
      • CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab
  • ppp
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: A buffer overflow may result in arbitrary code execution
      • Description: The issue was addressed with improved bounds checks.
      • CVE-2022-32941: an anonymous researcher
  • Safari
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: Visiting a maliciously crafted website may leak sensitive data
      • Description: A logic issue was addressed with improved state management.
      • CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago
  • WebKit
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: Processing maliciously crafted web content may disclose internal states of the app
      • Description: A correctness issue in the JIT was addressed with improved checks.
      • WebKit Bugzilla: 242964
      • CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab
  • Wi-Fi
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app
      • Description: The issue was addressed with improved memory handling.
      • CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan
  • zlib
    • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
      • Impact: A user may be able to cause unexpected app termination or arbitrary code execution
      • Description: This issue was addressed with improved checks.
      • CVE-2022-37434: Evgeny Legerov
      • CVE-2022-42800: Evgeny Legerov

Related Posts:

Reader Interactions

Write a Comment

Show 2 Comments

  2. jennifer says

    I bought the latest ipod with iOS 15.7.1. I’m using it mainly to listen to music. The shuffle app leaves much to be desired. My old nano allowed me to shuffle and not repeat. It seems like I am constantly listening to to same songs with the newer ipod and I see no setting for do not repeat. What gives?

    Reply