Alert for all iPhone users, Apple launches iOS 17.5 update
Two months after the release of iOS 17.4, Apple has released iOS 17.5 and issued an alert for all users to update their iPhones as soon as possible. This is because iOS 17.5 fixes 15 security vulnerabilities, some of which are serious.
Apple is keeping quiet about the specific fixes included in iOS 17.5, wanting to give as many users time to update their iPhones before hackers get their hands on their information.
One of the flaws fixed in iOS 17.5 is a kernel issue in the iPhone operating system, tracked as CVE-2024-27818, which allows an attacker to execute code. According to Apple on its support page, another issue fixed in iOS 17.5, in Apple AVD, could cause an adversary to be able to execute arbitrary code with Kener privileges if a user downloaded an app.
A serious flaw fixed in iOS 17.5 was a voice control vulnerability that could have elevated rights to an attacker. Meanwhile, an attacker may be able to bypass pointer authentication thanks to a vulnerability in WebKit, the engine that powers the Safari browser, identified as CVE-2024-27834.
Researchers from the security company Mysk also reported another problem in MarketplaceKit tracked as CVE-2024-27852, where they can see a page with malicious code, capable of distributing a script that tracks users on other web pages.
iOS 17.5 brings new features to Apple News, available for Apple News+ (or Apple News One subscribers), the update includes offline mode in Apple News, which allows users to access some sections of the “Today Feed” and “News+” tab without Internet.
