News

Apple Releases iOS 11.2.5, Gives Sneak Preview of Upcoming 11.3 Update

Apple released a new update for iPhone, iPad, iPod Touch that preps iOS for the upcoming HomePod device. There’s also a sneak preview of the upcoming iOS 11.3 update with new features for iPhone X.

It seems like the minute you put down your Apple device, there is another update on the way. Yesterday, Apple launched its 6th update for iOS 11, now at version 11.2.5. The new release targets users who plan on spending more money in the Apple ecosystem. Namely, on the new Apple HomePod—Apple’s answer to the Amazon Echo and Google Home smart speakers powered by Alexa and Google Assistant.  The HomePod uses the Siri voice assistant and will be available in early February. HomePod was originally planned for late December but missed its self-imposed deadline because of some last minute issues.

What’s New in the iOS 11.2.5 Update and Should You Upgrade?

The previous 11.2.2 release focused primarily on fixing the CPU vulnerability called Spectre.   Version 11.2.5 is more of a feature prep for the upcoming HomePod stereo, along with bug fixes for Mail, Messages, and CarPlay.

Users can now ask Siri to play news from sources such as CNN, NPR or Fox News but only for the US, UK, and Australia at this time. The Control Center audio controls get a small revamp, which lets you 3D touch and access available playback sources such as an Apple TV in the top right hand of the music widget.

On the security side,  the update finally fixes a serious bug in Messages that could be triggered when a malicious link is opened.

The iOS 11.2.5 update comes in at 163 MBs and is available for devices such as the iPhone 5s and later, iPad Air and later, and iPod Touch 6th generation. Users can download the update by connecting to a wireless network, launching Settings > General > Software Update then tapping Download and install.

Here is a list of additional bug fixes and security updates in iOS 11.2.5:

Audio

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and Taekyoung Kwon of the Information Security Lab, Yonsei University

Core Bluetooth

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4087: Rani Idan (@raniXCH) of Zimperium zLabs Team

CVE-2018-4095: Rani Idan (@raniXCH) of Zimperium zLabs Team

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A memory initialization issue was addressed through improved memory handling.

CVE-2018-4090: Jann Horn of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A race condition was addressed through improved locking.

CVE-2018-4092: an anonymous researcher

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4082: Russ Cox of Google

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4093: Jann Horn of Google Project Zero

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text message may lead to application denial of service

Description: A resource exhaustion issue was addressed through improved input validation.

CVE-2018-4100: Abraham Masri (@cheesecakeufo)

QuartzCore

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue existed in the processing of web content. This issue was addressed through improved input validation.

CVE-2018-4085: Ret2 Systems Inc. working with Trend Micro’s Zero Day Initiative

Security

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A certificate may have name constraints applied incorrectly

Description: A certificate evaluation issue existed in the handling of name constraints. This issue was addressed through improved trust evaluation of certificates.

CVE-2018-4086: Ian Haken of Netflix

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4088: Jeonghoon Shin of Theori

CVE-2018-4089: Ivan Fratric of Google Project Zero

CVE-2018-4096: found by OSS-Fuzz

Source

Should you get the update? The update is working just fine on my iPhone 6s at the moment, so, it seems safe enough to grab it. In contrast to 11.2.2 which was a major security fix, this is a more of a routine update. The update was up and running in less than 20 minutes, but as always, do back up, just in case; especially for older devices.

iOS 11.3 Preview – New Animojis for iPhone X, iCloud Messages, Business Chat

In other news, Apple is already working on it next major update 11.3, which the company previewed today. The update will include new Animojis, which are powered by the exclusive AR feature for iPhone X that maps your facial movement to fun, gimmicky characters. Business Chat, a new messaging feature the company previewed but never released is available in beta. Users will be able to seek customer support from popular businesses such as Hilton, Wells Fargo, and Lowes. There are also further improvements to the Health app and the return of iCloud Messages. We’ll have more details when the final software update is released in the spring.

In the meantime, go grab that 11.2.5 update and let us know how it’s working on your Apple device.


2 Comments

2 Comments

  1. Fenoy  

    Works on my 2017 iPad.

  2. Jack Oster  

    Works perfectly on iPhone 6 plus

Leave a Reply

Your email address will not be published. Required fields are marked *

 

To Top