Connect with us

Apple

iOS 11.2 released with Apple Pay Cash, new wallpapers and more

Published

on

Apple released iOS 11.2 to all devices capable of running iOS 11 around 12am PST on Saturday morning.

The update was pushed out sooner than anticipated due to a bug that was causing some iOS devices to restart unexpectedly after the date was set to December 2.

The biggest new feature in this update is Apple Pay Cash, which allows users to send money over iMessage using Apple Pay. Right now Apple Pay Cash is only available in the United States, but the feature should expand elsewhere in the future.

There are also a number of other big changes, improvements and bug fixes in iOS 11.2 (see below).

What’s new

  • Apple Pay Cash

  • New Control Center grabber on iPhone X lock screen

  • Wi-Fi and Bluetooth toggles in Control Center now explain how they work in iOS 11

  • 1+2+3 in the calculator app now equals 6 (instead of 24)

  • A number of emoji have been tweaked (via Emojipedia)
  • Faster 7.5W wireless charging on iPhone 8/X
  • I.T autocorrect bug fixed (via MacRumors)

  • New Sports tab in the TV app

Security Changes

IOKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: Multiple memory corruption issues were addressed through improved state management.

CVE-2017-13847: Ian Beer of Google Project Zero

IOMobileFrameBuffer

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privilege

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13879: Apple

IOSurface

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13861: Ian Beer of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13862: Apple

CVE-2017-13876: Ian Beer of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2017-13833: Brandon Azad

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A type confusion issue was addressed with improved memory handling.

CVE-2017-13855: Jann Horn of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13867: Ian Beer of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: Multiple validation issues were addressed with improved input sanitization.

CVE-2017-13865: Ian Beer of Google Project Zero

CVE-2017-13868: Brandon Azad

CVE-2017-13869: Jann Horn of Google Project Zero

Mail

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Incorrect certificate is used for encryption

Description: A S/MIME issue existed in the handling of encrypted email. This issue was addressed through improved selection of the encryption certificate.

CVE-2017-13874: an anonymous researcher

Mail Drafts

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An attacker with a privileged network position may be able to intercept mail

Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control.

CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH

Wi-Fi

Available for: iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2, and iPod touch 6th generation
Released for iPhone 7 and later and iPad Pro 9.7-inch (early 2016) and later in iOS 11.1.

Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks – KRACK)

Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.

CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

Changelog

iOS 11.2 introduces Apple Pay Cash to send, request, and receive money from friends and family with Apple Pay. This update also includes bug fixes and improvements.
Apple Pay Cash (US Only)
  • Send, request, and receive money from friends and family with Apple Pay in Messages or by asking Siri
Other improvements and fixes
  • Adds support for faster wireless charging on iPhone 8, iPhone 8 Plus, and iPhone X with compatible third-party accessories
  • Introduces three new Live wallpapers for iPhone X
  • Improves video camera stabilization
  • Adds support in Podcasts to automatically advance to the next episode from the same show
  • Adds support in HealthKit for downhill snow sports distance as a data type
  • Fixes an issue that could cause Mail to appear to be checking for new messages even when a download is complete
  • Fixes an issue that could cause cleared Mail notifications from Exchange accounts to reappear
  • Improves stability in Calendar
  • Resolves an issue where Settings could open to a blank screen
  • Fixes an issue that could prevent swiping to Today View or Camera from the Lock Screen
  • Addresses an issue that could prevent Music controls from displaying on the Lock Screen
  • Fixes an issue that could cause app icons to be arranged incorrectly on the Home Screen
  • Addresses an issue that could prevent users from deleting recent photos when iCloud storage is exceeded
  • Addresses an issue where Find My iPhone sometimes wouldn’t display a map
  • Fixes an issue in Messages where the keyboard could overlap the most recent message
  • Fixes an issue in Calculator where typing numbers rapidly could lead to incorrect results
  • Addressed an issue where the keyboard could respond slowly
  • Adds support for real-time text (RTT) phone calls for the deaf and hard of hearing
  • Improves VoiceOver stability in Messages, Settings, App Store, and Music
  • Resolves an issue that prevented VoiceOver from announcing incoming Notification
For information on the security content of Apple software updates, please visit this website: https://support.apple.com/kb/HT201222

Continue Reading
Comments