Apple released an iOS 11.2.2 update on Monday to iPads, iPhones, and iPod touches. The update comes as no surprise since news broke last week of a massive security vulnerabilities, named Meltdown and Spectre, which are found in smartphone chips throughout the industry. This update in large part addresses the security risks imposed by these chip flaws.
Apple's official notes on the update are brief, instead devoting time to thanking those whose work contributed to the update. But, as promised, they have included "mitigations in Safari to help defend against Spectre." Apple had already issued patches for Meltdown back in iOS 11.2.
iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.
The backlash and severity of the Meltdown and Spectre news last week no doubt incited what was already heated work on a patch to fix one of the most widespread security issues in recent memory. It makes sense then that Apple would single out those who helped bring together patches to protect devices across platforms.
To protect yourself from any possible attacks that could happen as the result of Meltdown and Spectre, make sure your iPhone is up to date. If you aren't prompted to update your iPhone, open the Settings app, tap "General," then tap "Software Update." Follow the on-screen instructions to complete the update to iOS 11.2.2.
While there was confusion surrounding Apple's odd choice to name its latest beta version 11.2.5, we figured it would leave the company room to make updates such as this before releasing an official version of 11.2.5. This new Spectre patch seems to have confirmed our assumptions.
Still, Apple is expected to include a new tool to show off battery health after word broke about the company slowing down iPhones when batteries were no longer up to snuff, but we're not sure if that update will show up in iOS 11.2.3 or in the 11.2.5 release (nothing is in the beta yet).