Apple Releases 2 Surprise Urgent Updates For iPhone Users

Just hours into the release of the new iPhone 15 series, and less than a week since iOS 17 became available for other iPhones, Apple has suddenly given us an update. Unprecedented, surely?

Here’s all you need to know.

Which Update Do You Need?

If you have the iPhone 15 series, a small but quickly growing cohort, you need iOS 17.0.2. All other users need iOS 17.0.1.

Which iPhones Can Run iOS 17.0.1 and iOS 17.0.2?

If you have an iPhone released in 2018 or later, then iOS 17.0.1 is compatible. That means the iPhone Xs, iPhone Xs Max and iPhone Xr are the earliest phones, with iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max and all more recent phones included. This includes iPhone SE second- and third-generation models. The second of the new updates, iOS 17.0.2 is only for the iPhone 15, iPhone 15 Plus, iPhone 15 Pro and iPhone 15 Pro Max.

How To Get It

Updating is to the new software is straightforward, and it’s not a huge file—430MB on my iPhone 14 Pro Max—so it shouldn’t take too long.

Open the Settings app, click General, then Software Update. Of course, you’ll only be offered the update relevant to your phone. Next, select Download and Install, and you’ll be up to date in no time.

What’s In The Release

This is all about fixing security issues and there are no new features in this update. Those will be coming in iOS 17.1, which could be released to developers soon. In the meantime, this update is designed to fix three bugs.

Apple says that each of these flaws were patched before, in iOS 16.7. With two of the three, the new update brings improvements. Two of them gain improved checks with the new software and one addresses a certificate validation issue.

What’s most alarming about all three, and which doubtless caused the speedy release of these updates, is that they had likely been actively exploited in the real world before iOS 16.7 came along.

First of the three is a Kernel issue, where, Apple says, “a local attacker may be able to elevate their privileges.” The second issue is described as Security and recognizes that a malicious app “may be able to bypass signature validation”. This is where the certificate validation issue was addressed.

And third is a WebKit fix, where processing web content could have lead to “arbitrary code execution”. Like the Kernel issue, it’s now been addressed with improved checks.

As ever, Apple gives little away beyond the minimum, saying, “For our customers’ protection, Apple doesn’t disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are available.”