AppleがiPhoneなど向けiOS 16.2とiPadOS 16.2をリリース! |
Appleは13日(現地時間)、同社が販売するスマートフォン(スマホ)「iPhone」シリーズ向けプラットフォーム「iOS」とタブレット「iPad」シリーズ向けプラットフォーム「iPadOS」の最新バージョン「iOS 16.2(20C65)」および「iPadOS 16.2(20C65)」を提供開始したとお知らせしています。
対象機種はiOS 16およびiPadOS 16の対象機種である最新の「iPhone 14」シリーズや「iPad(第10世代)」、「12.9インチiPad Pro(第6世代)」、「11インチiPad Pro(第4世代)」を含むiPhone 8以降およびiPhone SE(第2世代)以降、iPad(第5世代以降)、iPad Air(第3世代以降)、iPad mini(第5世代以降)、iPad Pro(全モデル)の各製品にて無料で更新可能です。
変更点はブレーンストーミングやアイデアの実現に最適なアプリ「フリーボード」やカラオケ機能「Apple Music Sing」が追加されるほか、ロック画面やステージマネージャなどの改善、日本語キーボードでの入力中にVoiceOverで変更を認識できないことがある問題などのさまざまな不具合の修正、各種のセキュリティーアップデートが実施されています。
その他、iOS 16およびiPadOS 16に対応しないiPhoneやiPad、iPod touch向け「iOS 15.7.2」および「iPadOS 15.7.2」のほか、パソコン「Mac」向け「macOS」の最新バージョン「macOS 13.1(22C65)」、スマートウォッチ「Apple Wach」向け「watchOS」の最新バージョン「watchOS 9.2(20S361)」、スマートテレビ「Apple TV」向け「tvOS」の最新バージョン「tvOS 16.2(20K362)」なども提供開始されています。
iPhone向けのiOSの最新メジャーバージョンとして今年9月に提供開始されたiOS 16、iPad向けのiPadOSの最新メジャーバージョンとして今年10月に提供開始されたiPadOS 16ですが、その後、不具合が修正された「iOS 16.0.1」および「iOS 16.0.2」、「iOS 16.0.3」が提供され、さらにiPadOS 16.1と合わせてiOS 16.1がリリースされてきました。
今回、さらにフリーボードAppなどの新機能が追加されたOS 16.2およびiPadOS 16.2が配信開始されました。更新は従来通り各製品本体のみでOTA(On-The-Air)によりダウンロードで行え、方法としては、「設定」→「一般」→「ソフトウェア・アップデート」から行えます。iOS 16およびiPadOS 16の対象機種は以下の通り。
<iOS 16対応製品>
・iPhone 14
・iPhone 14 Plus
・iPhone 14 Pro
・iPhone 14 Pro Max
・iPhone 13
・iPhone 13 mini
・iPhone 13 Pro
・iPhone 13 Pro Max
・iPhone 12
・iPhone 12 mini
・iPhone 12 Pro
・iPhone 12 Pro Max
・iPhone 11
・iPhone 11 Pro
・iPhone 11 Pro Max
・iPhone XS
・iPhone XS Max
・iPhone XR
・iPhone X
・iPhone 8
・iPhone 8 Plus
・iPhone SE(第2世代)
・iPhone SE(第3世代)
<iPadOS 16対応製品>
・12.9インチiPad Pro(第6世代)
・12.9インチiPad Pro(第5世代)
・12.9インチiPad Pro(第4世代)
・12.9インチiPad Pro(第3世代)
・12.9インチiPad Pro(第2世代)
・12.9インチiPad Pro(第1世代)
・11インチiPad Pro(第4世代)
・11インチiPad Pro(第3世代)
・11インチiPad Pro(第2世代)
・11インチiPad Pro(第1世代)
・10.5インチiPad Pro
・9.7インチiPad Pro
・iPad Air(第5世代)
・iPad Air(第4世代)
・iPad Air(第3世代)
・iPad mini(第6世代)
・iPad mini(第5世代)
またiTunesをインストールしたWindowsおよびMacとUSB-Lightningケーブルで接続しても実施できます。なお、単体でアップデートする場合のダウンロードサイズは手持ちのiPhone 13 Pro MaxでiOS 16.1.2からだと1.17GBとなっています。Appleが案内しているアップデートの内容およびセキュリティーコンテンツの修正は以下の通り。
iOS 16.2
このアップデートでは、ブレーンストーミングやアイデアの実現に最適なフリーボードAppが導入されます。このリリースには、iPhone用のApple Music Singのほか、ロック画面の改善やその他の機能、およびバグ修正も追加されています。
・Mac、iPad、iPhoneで友達や同僚とクリエイティブに作業するための新しい“フリーボード” App
Apple Music Sing
・Apple Music内の何百万もの曲から選んだお気に入りの曲に合わせて歌う新しい方法
・iPhone 14 ProおよびiPhone 14 Pro Maxで“常に画面オン”が有効になっている場合に壁紙や通知を非表示にできる新しい設定
Game Center
・Game CenterのマルチプレイヤーゲームがSharePlayに対応し、FaceTimeで通話中の人とプレイ可能
・iPhone 14とiPhone 14 Proモデルでの衝突事故検出の最適化
iPadOS 16.2
このアップデートでは、ブレーンストーミングやアイデアの実現に最適なフリーボードAppが導入されます。このリリースには、ステージマネージャの改善のほか、iPad用のApple Music Singやその他の機能、およびバグ修正も追加されています。
・Mac、iPad、iPhoneで友達や同僚とクリエイティブに作業するための新しい“フリーボード” App
・描画ツールでキャンバス上のどこにでも指やApple Pencilでスケッチ可能
・iPad Pro 12.9インチ(第5世代以降)、iPad Pro 11インチ(第3世代以降)、およびiPad Air(第5世代)で最大6Kの解像度の外部ディスプレイに対応
Apple Music Sing
・Apple Music内の何百万もの曲から選んだお気に入りの曲に合わせて歌う新しい方法
Game Center
・Game CenterのマルチプレイヤーゲームがSharePlayに対応し、FaceTimeで通話中の人とプレイ可能
- Accounts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user may be able to view sensitive user information
Description: This issue was addressed with improved data protection.
CVE-2022-42843: Mickey Jin (@patch1t)
- AppleAVD
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2022-46694: Andrey Labunets and Nikita Tarakanov
- AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by enabling hardened runtime.
CVE-2022-42865: Wojciech Reguła (@_r3ggi) of SecuRing
- AVEVideoEncoder
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A logic issue was addressed with improved checks.
CVE-2022-42848: ABC Research s.r.o
- CoreServices
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: Multiple issues were addressed by removing the vulnerable code.
CVE-2022-42859: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Offensive Security
- GPU Drivers
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2022-46702: Xia0o0o0o of W4terDr0p, Sun Yat-sen University
- Graphics Driver
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42850: Willy R. Vasquez of The University of Texas at Austin
- Graphics Driver
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Parsing a maliciously crafted video file may lead to unexpected system termination
Description: The issue was addressed with improved memory handling.
CVE-2022-42846: Willy R. Vasquez of The University of Texas at Austin
- ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing a maliciously crafted file may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2022-46693: Mickey Jin (@patch1t)
- ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Parsing a maliciously crafted TIFF file may lead to disclosure of user information
Description: The issue was addressed with improved memory handling.
CVE-2022-42851: Mickey Jin (@patch1t)
- IOHIDFamily
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
CVE-2022-42864: Tommy Muir (@Muirey03)
- IOMobileFrameBuffer
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2022-46690: John Aakerblom (@jaakerblom)
- iTunes Store
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.
CVE-2022-42837: Weijia Dai (@dwj1210) of Momo Security
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
CVE-2022-46689: Ian Beer of Google Project Zero
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges
Description: The issue was addressed with improved bounds checks.
CVE-2022-46701: Felix Poulin-Belanger
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year Lab
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2022-42861: pattern-f (@pattern_F_) of Ant Security Light-Year Lab
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved memory handling.
CVE-2022-42844: pattern-f (@pattern_F_) of Ant Security Light-Year Lab
- Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42845: Adam Doupé of ASU SEFCOM
- Photos
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication
Description: The issue was addressed with improved bounds checks.
CVE-2022-32943: an anonymous researcher
- ppp
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-42840: an anonymous researcher
- Preferences
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to use arbitrary entitlements
Description: A logic issue was addressed with improved state management.
CVE-2022-42855: Ivan Fratric of Google Project Zero
- Printing
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by removing the vulnerable code.
CVE-2022-42862: Mickey Jin (@patch1t)
- Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Visiting a website that frames malicious content may lead to UI spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
CVE-2022-46695: KirtiKumar Anandrao Ramchandani
- Software Update
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: A user may be able to elevate privileges
Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions.
CVE-2022-42849: Mickey Jin (@patch1t)
- Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of caches.
CVE-2022-42866: an anonymous researcher
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
WebKit Bugzilla: 245521CVE-2022-42867: Maddie Stone of Google Project Zero
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory consumption issue was addressed with improved memory handling.
WebKit Bugzilla: 245466CVE-2022-46691: an anonymous researcher
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may bypass Same Origin Policy
Description: A logic issue was addressed with improved state management.
WebKit Bugzilla: 246783CVE-2022-46692: KirtiKumar Anandrao Ramchandani
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may result in the disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day Initiative
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
WebKit Bugzilla: 246942CVE-2022-46696: Samuel Groß of Google V8 Security
WebKit Bugzilla: 247562CVE-2022-46700: Samuel Groß of Google V8 Security
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A logic issue was addressed with improved checks.
CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.
- WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
WebKit Bugzilla: 247420CVE-2022-46699: Samuel Groß of Google V8 Security
WebKit Bugzilla: 244622CVE-2022-42863: an anonymous researcher
Additional recognition
- Kernel
We would like to acknowledge Zweig of Kunlun Lab and pattern-f (@pattern_F_) of Ant Security Light-Year Lab for their assistance.
- Safari Extensions
We would like to acknowledge Oliver Dunk and Christian R. of 1Password for their assistance.
- WebKit
We would like to acknowledge an anonymous
・エスマックス(S-MAX) smaxjp on Twitter
・S-MAX - Facebookページ
・iOS 16 関連記事一覧 - S-MAX
・iPadOS 16 関連記事一覧 - S-MAX
・iOS 16 のアップデートについて - Apple サポート (日本)
・iPadOS 16 のアップデートについて - Apple サポート (日本)
・iOS 16.2 および iPadOS 16.2 のセキュリティコンテンツについて - Apple サポート (日本)
・Apple セキュリティアップデート - Apple サポート