SECURITY
SECURITY
SECURITY
Apple update addresses battery-draining and security issues
Apple Inc. today released software updates for its products that address security issues and a battery-draining issue on iPhones and iPads.
Both iOS 15.4.1 and iPadOS 15.41.1 address a security issue in iPhones and various iPads. The vulnerability resides in AppleAVD, Apple’s audio and video decoding framework, and is described by Apple as an application may be able to execute arbitrary code with kernel privileges. An out-of-bounds write issue was addressed in the update with improved bounds checking.
Devices affected are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later and iPod touch (7th generation).
With macOS Monterey 12.3.1, the update addressed two issues. The first is the same issue that iOS and iPadOS had with AppleAVD: An application may be able to execute arbitrary code with kernel privileges. The fix was also the same: An out-of-bounds write issue was addressed with improved bounds checking.
The second issue addressed in the macOS update resided in the Intel Graphic Driver. In this case, an application may be able to read kernel memory. An out-of-bounds read issue that may lead to the disclosure of kernel memory was addressed with improved input validation.
The macOS vulnerabilities differ from those in iOS and iPadOS in that Apple notes it’s aware of a report that the macOS issues may have been actively exploited. Apple did not provide any details regarding the attacks.
The iOS and iPadOS updates also addressed a battery-draining issue that users reported after they updated to iOS 15.4. How widespread the problem was is not clear.
According to the release notes, the update addresses an issue described as the battery potentially draining more quickly than expected after updating to iOS 15.4. Other bug fixes include an issue where Braille devices may become unresponsive while navigating text or displaying an alert, and Made for iPhone hearing devices may lose connection with some third-party apps.
Apple also released security and bug updates for its other devices — watchOS 8.5.1, tvOS 15.4.1 and HomePod 15.4.1 — that address similar issues.
Image: Apple
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
