Apple recently released the new iOS 17.0.3 and iPadOS 17.0.3 for all compatible devices. The update is popularly known to fix the iPhone 15 overheating issue, but that is not all.
More importantly, iOS 17.0.3 also patches two security vulnerabilities, and one of them was actively exploited in the wild on all compatible devices.
When the iPhone 15 overheating issue was widely reported, Apple addressed the problem publically. In its statement, the company clarified that it was a software issue caused by three possible reasons: A bug in iOS 17, third-party apps overloading the system, or the increase in background activity while setting up or restoring the new devices. Apple promised to fix the issue in an upcoming update.
We have identified a few conditions which can cause iPhone to run warmer than expected. The device may feel warmer during the first few days after setting up or restoring the device because of increased background activity. We have also found a bug in iOS 17 that is impacting some users and will be addressed in a software update. Another issue involves some recent updates to third-party apps that are causing them to overload the system. We’re working with these app developers on fixes that are in the process of rolling out.
Should everyone update to iOS 17.0.3.?
Although the iOS 17.0.3 release notes vaguely mention that the update “provides important bug fixes, security updates, along with addressing an issue that causes iPhone to run warmer than expected, the dedicated support page for security content of iOS 17.0.3 and iPadOS 17.0.3 lists the security flaws patched in the update.
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
Description: The issue was addressed with improved checks. CVE-2023-42824
Impact: A buffer overflow may result in arbitrary code execution
Description: The issue was addressed by updating to libvpx 1.13.1.
WebKit Bugzilla: 262365 – CVE-2023-5217
Both flaws impacted Phone XS and later, along with iPad Pro 12.9-inch (2nd generation and newer), iPad Pro 10.5-inch, iPad Pro 11-inch (1st generation and newer), iPad Air (3rd generation and newer), iPad (6th generation and newer), and iPad mini (5th generation and newer).
It is advised that everyone should install iOS 17.0.3 on their compatible devices as it is safe. It will not only patch actively exploited security flaws but also improve performance by resolving issues causing the device to overheat.