Apple rolled out iOS 15.2.1 on Wednesday, a minor update that tackles several bugs plaguing iPhones, including a denial-of-service (DoS) flaw dubbed “doorLock” that can render iOS devices non-functional after connecting to an Apple Home-compatible appliance.
The iOS 15.2.1 patch also rectifies vulnerabilities found in CarPlay and Messages. The minor update is available now for users with iPhone 6s and newer.
Apple releases iOS 15.2.1 to fix minor iPhone bugs
Security researcher Trevor Spiniolas discovered a DoS flaw in Apple HomeKit, which he coined “doorLock.” The vulnerability, if exploited, can affect iOS devices, causing them to crash or enter a reboot loop after interacting with an Apple Home-connected appliance.
“This bug poses a significant risk to the data of iOS users, but the public can protect themselves from the worst of its effects by disabling Home devices in control center in order to protect local data,” Spiniolas said in his report.
DoorLock affects iOS 14.7 and all versions released thereafter. Spiniolas added that he reported the bug to Apple on Aug. 10 and the company stated that it would resolve the bug in a security update before 2022. Unfortunately, Apple failed to follow through with its promise. The Cupertino-based tech giant then reportedly revised its patch release date to “early 2022” on Dec. 8.
Expressing concern that Apple users would be kept in the dark about doorLock, Spiniolas told Apple that he would publicly disclose the HomeKit bug in early January — and he did just that.
“Apple’s lack of transparency is not only frustrating to security researchers who often work for free, it poses a risk to the millions of people who use Apple products,” Spiniolas said.
Fortunately, iOS 15.2.1 fixes the doorLock vulnerability. It also rectifies a CarPlay bug that lets third-party apps ignore user input. Another patch solves a problem with Messages that failed to load photos shared with an iCloud link.
To update your iPhone, go to Settings > General and tap Software Update.