Apple fixes zero-day flaw in WebKit with iOS 15.3.1
A critical Webkit security flaw has been fixed in iOS 15.3.1, making it a high priority update. Apple announces that this vulnerability could have been exploited several times.
Apple just released iOS 15.3.1 and iPadOS 15.3.1, which fixes an issue that could cause braille displays to become unresponsive. Most importantly, this update includes a fix for a critical zero-day Webkit vulnerability that may have already been actively exploited. Called CVE-2022-22620, this flaw, considered important, is described as follows: “the processing of maliciously crafted web content may lead to the execution of arbitrary code”. Apple is aware of a report indicating that this breach may have been actively exploited. Note that this update is available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
For the record, Webkit is Apple’s web rendering engine, and it should be used by all browsers on iOS and iPadOS, not just Safari. Faced with this large attack surface, it is imperative to apply the patch as quickly as possible. To do this, just open the Settings app, tap General, then Software Update.
Bugs are on the rise in iOS 15
A few days earlier, a bug in iOS 15 was discovered. This flaw sent Siri recordings to Apple by mistake. The firm then quickly proposed a fix to this effect. Also note that Apple recently released its iOS 15.4 version, intended to improve security functions, in particular its password vault. Its facial recognition technology now takes into account the inevitable masks.