Apple has issued iOS 15.7.1, just days after the release of iOS 16.1. Both iPhone updates address the same security issues, so which one should you choose?
First things first—you need to update your iPhone to either iOS 15.7.1 or iOS 16.1, because both updates address serious security issues—one of which is already being used in real-life attacks. The list of issues fixed in iOS 15.7.1 and iOS 16.1 is slightly different but both patch a major security vulnerability that should be on everyone’s radar.
The flaw in the iPhone’s Kernel at the heart of the operating system could be chained together with other vulnerabilities to take over your iPhone. Apple is aware of a report that the vulnerability fixed in iOS 15.7.1 and iOS 16.1 may have been exploited in attacks, the iPhone maker’s support page reads.
How serious is the Kernel vulnerability fixed in iOS 15.7.1 and iOS 16.1?
Not much is known about the Kernel vulnerability fixed in iOS 15.7.1 and iOS 16.1, tracked as CVE-2022-42827. That’s mainly because Apple keeps its cards close to its chest, to avoid more attackers getting hold of the details.
That does mean it’s also not clear who the attack targeted, although an educated guess would say it’s probably a small portion of users, similar to the Pegasus spyware attack seen last year.
Using the iPhone vulnerability in iPhone versions before iOS 15.7.1 and iOS 16.1, attackers could encourage someone to download an application to execute arbitrary code with kernel privileges.
Independent security researcher Sean Wright says an attacker could “chain the Kernel level vulnerabilities with some of the other flaws to allow a malicious app to exploit them.”
This could be done remotely via one of the WebKit vulnerabilities.
The case for iOS 16.1
Apple has released several updates since iOS 16 was launched in September, mainly to fix the inevitable bug problems that come with a big iPhone point update. If you are tempted to update to iOS 16.1, now could be the time, as it’s less buggy than previous versions and contains some cool new features you can take advantage of.
In addition, Apple has clarified its approach to security patches, saying only the latest versions of its software are fully protected, as ArsTechnica writes. In other words, updating iOS 16.1 is the only way to ensure your iPhone is fully protected from known flaws.
The case for iOS 15.7.1
When iOS 16.1 was released, there was no iOS 15.7.1, so the only viable option was to update to the former if you wanted to ensure security. However, for more cautious iPhone updaters, the choice to stay on iOS 15.7.1 is here. Apple had to iron out some Face ID issues introduced in iOS 15.7.1 before it was ready to release to the public.
Taking this into account, cautious people on iOS 15 or those with older devices should feel free to update to 15.7.1, but know that it does not tackle all security issues fixed in iOS 16.1.
iOS 15.7.1 or iOS 16.1: Here’s which update to choose
Last month, I asked whether you should update to iOS 16 or iOS 15.7, and the situation with these latest updates is similar. In the end, it’s up to you which update to choose, but iOS 16.1 will offer more robust security protection than iOS 15.7.1, making it the obvious choice for anyone who is concerned abouts security or might be a target.
“If your device can run the latest iOS then iOS 16.1 is your best bet,” says Jake Moore, global cybersecurity advisor at ESET. If your device is older he says, you may not have a choice, and iOS 15.7.1 is fine.
Since both updates fix the exploited bug, upgrading to iOS 16.1 isn’t essential, but make sure you upgrade to iOS 15.7.1 or iOS 16.1 as soon as possible. To do so, go to your Settings > General > Software update and download and install iOS 15.7.1 and iOS 16.1 to keep your iPhone safe.