Update Your iGear – Apple Patches Dozens of Security Holes in iOS 18.2, macOS Sequoia 15.2, and More

Apple’s iOS 18.2 is finally here, delivering not just the much-awaited AI “fix” to avid fans, but a wide range of actual fixes for the security side of things as well. The rest of Apple’s gizmos also get important security amendments this week.

iOS 18.2 and macOS Sequoia 15.2 are the last major updates for iPhone and Mac users rolled out this year by the Cupertino tech giant.

Most of the buzz is about a new set of Apple Intelligence features – including Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence – that are sure to “elevate users’ experience,” building on AI capabilities introduced in October, Apple said yesterday.

The security side of the updates receives little to no fanfare, but we assure you it’s an equally important incentive to update your iGear.

Security fixes across the board

While the focus this week is on new-generation hardware – as only the newest Apple gadgets support the latest AI oomph – the updates rolled out this week touch on the security of almost every major consumer product sold by Apple.

In addition to iPhones, iPads and Macs, this week’s update spree extends to the Vision headset, as well as the the Apple Watch and TV. All of them include important security amendments, according to the advisories on Apple’s “security releases” support page.

Notable bugs fixed

Some notable bugs listed in the advisories include:

Issue in AppleMobileFileIntegrity tracked as CVE-2024-54526: A malicious app may be able to access private information

Issue in AppleMobileFileIntegrity tracked as CVE-2024-54527: An app may be able to access sensitive user data

Crash Reporter flaw tracked as CVE-2024-54513: An app may be able to access sensitive user data

Kernel flaw tracked as CVE-2024-54494: An attacker may be able to create a read-only memory mapping that can be written to

Libexpat flaw tracked as CVE-2024-45490: A remote attacker may cause an unexpected app termination or arbitrary code execution

Passwords flaw tracked as CVE-2024-54492: An attacker in a privileged network position may be able to alter network traffic

VoiceOver flaw tracked as CVE-2024-54485: attacker with physical access to an iOS device may be able to view notification content from the lock screen

Several WebKit flaws that may lead to an unexpected process crash or memory corruption

Users who are not yet on iOS 18 are encouraged to make the jump, as Apple is slowly winding down support for older generation iOS and iPadOS iterations.

This time around, Apple is only supplying iPadOS 17.7.3 for iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation, with no corresponding version for iPhones.

Update your Apple gizmos

As always, Bitdefender recommends users prioritize software updates – especially when these updates include fixes for vulnerabilities that attackers might be exploiting.

Remember to keep the trusty Lockdown Mode toggle handy if you believe hackers might be targeting you.

For peace of mind, run a dedicated security solution on all your personal devices.