iOS 15.6 is here with live sports controls and oodles of security and bug fixes

The public beta of iOS 16 is already out, but Apple isn’t quite done with iOS 15 yet. Just days after iOS 15.5 arrived, Apple started iOS 15.6 iPadOS 15.6 beta testing. It was first made available to developers on May 18, with the public beta following a day later.

Most of the attention is now on iOS 16, which Apple announced at WWDC in June. With iOS 15.6, the only new feature introduced is improved video control when tuning in to live sports. The majority of this release is focused on bug fixes and security updates.

Update 7/20/22: iOS 15.6 has been released.

iOS 15.6 release notes

This release is really thin on new features, including primarily just bug fixes. Beyond what is shown in these release notes, it also includes some security updates.

• TV app adds the option to restart a live sports game already in progress and pause, rewind, or fast-forward
• Fixes an issue where Settings may continue to display that device storage is full even if it is available
• Fixes an issue that may cause braille devices to slow down or stop responding when navigating text in Mail
• Fixes an issue in Safari where a tab may revert to a previous page

iOS 15.6 security updates

As with the last several iOS updates, iOS 15.6 includes numerous security updates, several that “may be able to execute arbitrary code.” Apple has listed more than three dozen updates, including critical WebKit, Wi-Fi, and iCloud Photo Library updates.

Apple Neural Engine

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: An app may be able to break out of its sandbox
• Description: This issue was addressed with improved checks.
• CVE-2022-32845: Mohamed Ghannam (@_simo36)

Apple Neural Engine

• Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)
• Impact: An app may be able to execute arbitrary code with kernel privileges
• Description: This issue was addressed with improved checks.
• CVE-2022-32840: Mohamed Ghannam (@_simo36)
• CVE-2022-32829: an anonymous researcher

Apple Neural Engine

• Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)
• Impact: An app may be able to execute arbitrary code with kernel privileges
• Description: The issue was addressed with improved memory handling.
• CVE-2022-32810: Mohamed Ghannam (@_simo36)

Home

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: A user may be able to view restricted content from the lock screen
• Description: A logic issue was addressed with improved state management.
• CVE-2022-32855: an anonymous researcher

iCloud Photo Library

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: An app may be able to access sensitive user information
• Description: An information disclosure issue was addressed by removing the vulnerable code.
• CVE-2022-32849: Joshua Jones

Multi-Touch

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: An app may be able to execute arbitrary code with kernel privileges
• Description: A type confusion issue was addressed with improved state handling.
• CVE-2022-32814: Pan ZhenPeng (@Peterpan0927)

Software Update

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: A user in a privileged network position can track a user’s activity
• Description: This issue was addressed by using HTTPS when sending information over the network.
• CVE-2022-32857: Jeffrey Paul (sneak.berlin)

WebKit

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: Processing maliciously crafted web content may lead to arbitrary code execution
• Description: An out-of-bounds write issue was addressed with improved input validation.
• WebKit Bugzilla: 240720
• CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative

Wi-Fi

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: An app may be able to cause unexpected system termination or write kernel memory
• Description: This issue was addressed with improved checks.
• CVE-2022-32837: Wang Yu of Cyberserval

Wi-Fi

• Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
• Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory
• Description: This issue was addressed with improved checks.
• CVE-2022-32847: Wang Yu of Cyberserval

How to get iOS 15.6

To install iOS 15.6 on your iPhone (or iPadOS 15.6 on your iPad), open the Settings app and tap General, then Software Update and follow the instructions you find.