IPhone users can now install the stable iOS 15.3.1 release. This is an urgent update that fixes the 0-day vulnerability giving unauthorized access to the phone. Installation requires less than 900 MB of data to be downloaded.
Apple has released an iOS and iPadOS update, which is crucial for security. Version 15.3.1 may come as a surprise (release 15.4 is already available in a trial version), but don’t hesitate to install it. The update includes a patch for the 0-day vulnerability marked as CVE-2022-22620 , which allows you to get to the data on the device.
According to Kaspersky , it is about incorrect management of dynamic memory in applications, which in practice leads to unauthorized access to data. The attack can be carried out from the level of a crafted website and ultimately lead to the execution of arbitrary code on an unpatched version of iOS. That is why the installation of the revised version of the system is so important.
The vulnerability was classified as Use-After-Free , which means unauthorized access to the theoretically freed memory by other applications. The idea is to use unremoved pointers that allow hackers to access data in memory that should not, by definition, be reachable, especially from other programs.