News

Apple Releases iOS 10.3.2 – What’s Included and Should you Upgrade?

By Andre Da Costa

Last Updated on June 22, 2021

Today Apple released iOS 10.3.2 for iPhone and iPad. Let’s review the release notes and see what was fixed and if you should upgrade your device or wait.

Apple is following up April’s iOS 10.3.1 update with a new release predictably christened, 10.3.2. The release includes many fixes and security updates, making it a must-have (when has it never been). In fact, after reviewing the release notes, the 10.3.2 update feels more like a major point release vs. a simple update considering the severity of the vulnerabilities it resolves.

The iOS 10.3.2 update is available for download and installation for Apple devices including the iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation.

Summary of iOS 10.3.2?

There are no user-facing changes, but the 177 MB update suggests there are numerous low-level updates included. In contrast, last month’s 10.3.1 was just 28 MBs, so, users might want to perform a quick backup just in case. Areas touched by 10.3.2 include fixes for over two AVEVideoEncoder, CoreAudio, iBooks, Kernel, Notifications, Safari, and more. What is particularly important to note, is the potential for many different attacks which include the ability to run arbitrary code. Here’s a sample of what Apple fixed with today’s update.

What’s Included in the iOS Update

Here’s just a small sample of the security exploits being fixed by Apple in the iOS 10.3.2 update.  

AVEVideoEncoder

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to gain kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-6989: Adam Donenfeld (@doadam) of the Zimperium zLabs Team

CoreAudio

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-2502: Yangkang (@dnpushme) of Qihoo360 Qex Team

iBooks

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: A maliciously crafted book may open arbitrary websites without user permission

Description: A URL handling issue was addressed through improved state management.

CVE-2017-2497: Jun Kokatsu (@shhnjk)

But Wait. There’s More

IOSurface

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to gain kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-6979: Adam Donenfeld of Zimperium zLabs

Kernel

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed through improved locking.

CVE-2017-2501: Ian Beer of Google Project Zero

SQLite

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2017-6983: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro’s Zero Day Initiative

CVE-2017-6991: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro’s Zero Day Initiative

WebKit

Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues with addressed through improved memory handling.

CVE-2017-2536: Samuel Groß and Niklas Baumstark working with Trend Micro’s Zero Day Initiative

Source

Should you Upgrade to 10.3.2?

Absolutely. In fact, the earlier the better based on the high number of exploits this update resolves. Just make sure you perform a backup of your iOS device first. I am noticing these point updates for iOS 10 are taking longer than usual to install, so, make sure you are plugged into power with at least 50% battery. Running out of battery juice while updating your device can lead to really nasty issues. We don’t have time for that!

Summing Up

Quick side-note — Since updating to 10.3, I’ve noticed several glitches, particularly in third-party apps like Facebook. The Mobile Hotspot banner is sometimes distorted, Control Center functions like the Flashlight does not work when Facebook is open and the Google Gboard disappeared. System-wide, I also noticed my iPhone does not turn the display off automatically, often killing battery life. I have brought it up on Apple’s forum, but the issue seems isolated. Hopefully, Apples resolves some of these issues for me but, I’m not holding my break with 10.3.2.

Have you upgraded to 10.3.2 yet? Did you upgrade to an iPhone? iPad? How long did it take? Any issues? Join the conversation and tell us how your upgrade went on your iOS device!