Apple’s iOS/iPadOS 15.2.1 update fixes HomeKit flaw that crashed devices

Apple rolled out iOS and iPadOS 15.2.1 on Wednesday. The minor update brings several bug fixes, including a patch for a denial-of-service vulnerability found in HomeKit.

Trevor Spiniolas discovered the vulnerability and published details about it on January 1st. At the time, Spiniolas accused Apple of being slow to respond to his initial disclosure, which he made in August 2021. The bug affects iOS and iPadOS versions as far back as 14.7 and possibly earlier versions too — iPhone and iPad owners should update their devices to avoid the bug.

The vulnerability, if exploited, would lead to HomeKit devices with really long names crashing iPhones and iPads. HomeKit is an API used for connecting smart home gadgets to iOS devices, and it backs up device names to iCloud. That means users hit with the problem would experience it again if they re-connected that same iCloud account.

Apple published a security notice for the iOS 15.2.1 update — it only lists the HomeKit issue and notes the following fix: “A resource exhaustion issue was addressed with improved input validation.”

However, there are other items in the 15.2.1 update. According to The Verge, the patch also fixes a bug that impacted the performance of third-party CarPlay apps and a bug that stopped the Messages app from loading certain photos sent through iCloud.

To download the update, open the Settings app on your iPhone or iPad > Tap ‘General’ > Tap ‘Software Update.’

Source: Apple Via: The Verge

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.