Apple iOS 16.1.1 is here.
Make Forbes your destination for all-things iOS. Read full details of what’s in the release from me the moment it lands. Kate O’Flaherty looks at the security considerations of each new release. And then read Gordon Kelly’s analysis of whether you ought to install or wait.
Which iPhones can run iOS 16.1.1?
If you have an iPhone from the iPhone 8 onwards, this is for you.
For iPads, you need iPadOS which, for the first time, is on a different release schedule than iOS. The latest version is iPadOS 16.1.1, also just-released.
How to get it
You’ll have done this before but just in case: open the Settings app on the iPhone and then choose General, then Software Update. Once you’ve clicked on Download and Install, you’ll be golden.
What’s in the release
This is a quick, small release which is aimed specifically at sorting out issues and squishing bugs. Recent problems with the software have included a bug which has affected wi-fi connections, with disconnections happening unexpectedly. Apple hasn’t confirmed that that’s what at play here, but let’s hope so.
As is common, Apple merely says it “includes bug fixes and security updates”. The latter has routinely been a key part of recent updates, with severe security issues that are known to have been acted upon already being front and center.
Apple is more forthcoming about what the security issues are, as you can read in its support document, below. They focus on remote users being able to cause unexpected app termination or “arbitrary code execution”. Which ain’t great.
Apple also says the upgrade is recommended for all users.
Apple’s notes on the security issues addressed in the latest update
iOS 16.1.1 and iPadOS 16.1.1
Released November 9, 2022
libxml2
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed through improved input validation.
CVE-2022-40303: Maddie Stone of Google Project Zero
libxml2
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero
