Almost exactly two months ago, Apple released iOS 15.4 which addressed a hefty 39 security issues for millions of iPhone users. Now there’s another massive security update in the shape of iOS 15.5 which really needs to be installed as soon as possible.
What should be, saving any emergency security updates, the final iOS 15 iteration before iOS 16 is released, has now landed. The functionality enhancements for Apple Cash, Apple Podcasts, and Apple Messages are explained in this article by David Phelan. However, my beat is security, and as that was the reason why I switched from an Android device to an iPhone a couple of years back, here’s what 15.5 brings to the smartphone security party and why you should update now.
The massive iOS 15.5 security update in detail
This crucial iOS update comes with fixes for some 34 vulnerabilities, covering the full gamut of exploit opportunities from executing arbitrary code with kernel or system privileges, to sandbox restriction bypass, denial of service, and privilege elevation.
Like Google with Chrome updates, Apple doesn’t disclose security issues in full technical detail until an update has been made available and a majority users have had a chance to install this. However, some of the impacts should a vulnerability be exploited by a threat actor, as confirmed by Apple include:
- Arbitrary code execution by processing a maliciously crafted image
- Processing of a ‘large input’ could lead to denial of service
- The tracking of users in Safari’s private browsing mode by a malicious website
- Access to photos from the lock screen (requires physical access)
- Code execution by way of malicious web content processing
The full list of Common Vulnerabilities and Exposures (CVE) references is as follows:
Don’t delay, update to iOS 15.5 today
Although none of the security vulnerabilities patched by the iOS 15.5 update are of the zero-day variety, and none are known to have been exploited by threat actors at this point, that is no excuse for complacency. Now that the fixes are out, it’s a race against time as those who would do you harm look for ways to exploit those vulnerabilities. Most of the security issues have serious enough consequences that updating your iPhone really should be a no-brainer. As Kate O’Flaherty from the Forbes Straight Talking Cyber (STC) team says in the video at the top of this article, the benefits of securing your smartphone outweigh the risks of a functionality bug, more often than not. Of course, your particular use case may mean that holding off on an update is the preferred option but, for the vast majority of users, the ‘don’t delay, update today’ advice stands firm. Ensuring your device is backed up to iCloud or your own computer is recommended before you start any update, of course.
Updating your iPhone: step-by-step
First and foremost, STC recommends that you set your iPhone to update automatically. You can do this by heading to Settings|General|Software Update|Automatic Updates and your iPhone should then update overnight as long as it is charging and connected to Wi-Fi.
Regardless of your automatic update status, unless you have got a notification informing you that your iPhone has already updated to 15.5, it is recommended that you go check and force the issue.
Head to Settings|General|Software Update and start the process.
You will see a progress bar with the download status followed by the preparing update one. Be warned, this can take some time so don’t panic, just wait it out.
Your iPhone will restart, eventually. On my iPhone 13 Pro connected to gigabit broadband, it took around 15 minutes to complete the iOS 15.5 update. Once your device has restarted you will see the above confirmation on your lock screen which means that your device is up to date with security fixes.