(IPSW Download) iOS 11.2.2 fix the Meltdown and Spectre vulnerabilities

Jesse Han   2018.01.10 1:28   Jesse Han  

Apple has recently provided a new iOS 11.2.2 update for all compatible iPhone, iPad and iPod touch. This is a small update, it focus on additional security patches. In particular, the update offers protection against Meltdown and Spectre vulnerabilities discovered last week.

For those who don’t know Meltdown and Spectre, they are serious vulnerabilities that enable malicious apps to read out private information process by other apps. In very simple terms, processors don’t take sufficient measures to separate the data from different apps. Meltdown allows a malicious app to read the kernel memory. Some things like saving files and opening network connections are regulated in the kernel. Random data therefore can be retrieved. It depends on what is in the kernel memory, but generally these are passwords. Specter allows not only access to the kernel memory but also to the memory that other apps use.

Actually, Meltdown had already been deactivated in previous iOS 11.2.1, but Spectre (CVE-2017-5753 and CVE-2017-5715) did not. So iOS 11.2.2 update makes Spectre vulnerability largely harmless. Although it will take longer to address the fundamental problem, the update ensure that the vulnerability can no longer be exploited via the browser.

We advise you to update your iOS device without delay. The update is available for iPhone 5S and later, iPad Air and later, and iPod touch 6th generation. These users can easily finish update through the OTA or iTunes online. Or, you can install the update by manually flashing the relevant IPSW firmware file which can be downloaded from the links below.

IPSWs Download Directly

iPhone
iPad
iPod touch

By the way, Apple has also released macOS 10.13.2 High Sierra supplemental update for Mac users, and it also helps to fix the Meltdown and Spectre vulnerabilities.