The recent release of iOS 16.1.2 was odd in that it wasn’t accompanied by updates to any other Apple operating systems, the changes were fairly minor, and Apple delayed releasing its security notes (see “iOS 16.1.2 Optimizes Crash Detection, Improves Wireless Carrier Compatibility,” 7 December 2022). Now we know why Apple hurriedly pushed it out on its own with little fanfare—iOS 16.1.2 blocked a WebKit vulnerability that has been actively exploited in the wild, allowing malicious Web content to lead to arbitrary code execution. It turns out that the vulnerability also afflicted most of Apple’s other operating systems, including older versions of iOS and macOS.
Apple has now eliminated the vulnerability in all its current operating systems (see “Apple Releases iOS 16.2, iPadOS 16.2, macOS 13.1 Ventura, watchOS 9.2, and tvOS 16.2,” 13 December 2022), in the last two versions of macOS (see “Safari 16.2,” 13 December 2022) and finally, in iOS 15, with the release of iOS 15.7.2 and iPadOS 15.7.2.
If you’re still running iOS 15 on an older device that can’t upgrade to iOS 16 or iPadOS 16, we strongly encourage you to update to iOS 15.7.2 or iPadOS 15.7.2 right away. You can find it, as usual, in Settings > General > Software Update.
However, if you’ve been holding off upgrading an iPhone compatible with iOS 16, note that Apple is no longer allowing such iPhones to remain on the iOS 15 track. In that case, you’ll have to stick with version 15.7.1 or upgrade to 16.2. However, likely because iPadOS 16 shipped well after iOS 16, iPadOS 15 users can still upgrade to iPadOS 15.7.2 and won’t be forced to jump to iPadOS 16.2. (But it’s only a matter of time.)