Apple has released iOS 15.6.1 with a warning asking users to update immediately as it helps to fix two security holes that were used to attack iPhones.
According to Forbes, the first issue fixed in iOS 15.6.1 is a vulnerability in the kernel with code CVE-2022-32894 that allows apps to execute code with kernel privileges. The iPhone maker said on its support page that “Apple has noted a report that this issue may have been actively exploited.”
The other issue patched in iOS 15.6.1 is a vulnerability in WebKit – the engine that powers Safari – and is noted with error code CVE-2022-32893. The vulnerability allows an attacker to allow arbitrary code execution. Apple said it believes attackers used it in real-world scenarios.
Apple says the iOS 15.6.1 upgrade “provides important and recommended security updates for all users.”
It is known that iOS 15.6.1 appears just a few weeks after iOS 15.6 was made available to fix many vulnerabilities that exist on iOS and are exploited by hackers. Apple did not provide any further details about the iPhone vulnerabilities that were fixed in iOS 15.6.1 to prevent more attackers from getting into the details. Basically, it’s not a big update but brings important things related to security, so users need to update now.
Independent security researcher Sean Wright said: “iOS 15.6.1 is an important update. It can fix two vulnerabilities that can be chained together to allow attackers to gain remote access to a victim’s device.”