Apple Releases iOS 17.1.2 | Here’s Why You Should Update Right Away

While there’s every reason to believe that iOS 17.2 is just around the corner, Apple has now rolled out an interim iOS 17.1.2 update to address some bugs and other security issues in the current public iOS 17.1.1 release.

Reports that iOS 17.1.2 was in the works surfaced last week when the folks at MacRumors found evidence of devices running the new version in its website analytics. However, while the release date for the patch was unclear, most expected it wouldn’t arrive until after the US Thanksgiving holiday weekend, as Apple generally gives most of its staff extended time off over that period.

There also wasn’t much information about what to expect from the update, although as a sub-point release, it was a safe bet it would be mostly bug fixes and security patches.

For example, several folks have reported Wi-Fi issues in iOS 17 that haven’t been fully resolved and may have even gotten worse in iOS 17.1.1. There’s also an ongoing problem with wireless charging in some GM vehicles, plus some minor HomeKit and push notifications bugs that have been reported.

We’ll have to wait and see if today’s iOS 17.1.2 update addresses any of these problems, but from the release notes, it doesn’t look promising. Rather than the usual references to “bug fixes and performance improvements,” iOS 17.1.2 suggests the focus is exclusively on “important security fixes.”

This update provides important security fixes and is recommended for all users.

Unlike iOS 17.1.1, which didn’t include any notable security fixes, the iOS 17.1.2 update addresses two WebKit vulnerabilities that are likely already being exploited by hackers.

Thanks to Clément Lecigne of Google’s Threat Analysis Group, Apple has patched two issues with input validation and memory corruption in WebKit that could “disclose sensitive information” and “lead to arbitrary code execution.”

Since WebKit is the engine that powers not only Safari but all other web browsers on iOS, a bad actor could craft a malicious web page that could do nasty things on your iPhone or steal your personal data.

While the specific mechanics of this are unclear, Apple notes on its security updates page for iOS 17.1.2 that it’s “aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.”

Apple has not provided any detail on how these flaws were exploited in the wild; however, researchers in Google’s Threat Analysis Group (TAG) typically find zero-day vulnerabilities like these in state-sponsored spyware such as Pegasus and Predator that are used to attack high-profile individuals such as human rights activists, journalists, politicians, and dissidents.

While this makes it less likely that an average user would fall prey to these exploits, it’s impossible to rule that out entirely. More significantly, now that iOS 17.1.2 has been released and the vulnerabilities publicly disclosed to the world, the doors are open for less sophisticated hackers and scammers to exploit these vulnerabilities against Apple devices that have not yet been updated.

This is why updating your iPhone as soon as possible after a new security patch is released is essential. Since Apple publishes details on these security fixes in each iOS update, even flaws that weren’t previously exploited won’t stay that way for long.

The iOS 17.1.2 update is accompanied by iPadOS 17.1.2 and macOS 14.1.2 updates that patch the same vulnerabilities, along with a standalone Safari 17.1.2 for macOS Monterey and Ventura.