What makes many users like apple and its products, is the ability to roll updates faster than Android. Almost two months ago, Apple released the 10.3.2 update. As users are waiting for the final release of iOS 11, Apple again has rolled out another update;10.3.3. This seems like the last update to iOS10 if all goes well. Like the previous update, this too went through thorough testing as apple favors quality of its products. Although this latest update brings new fixes, it is entirely like the old update. Its sole purpose is to fix bugs, enhance the security of the device, and other minor improvements from the 10.3.2 update. It’s also free, and you can get it OTA, you can also download it and install via iTunes. This update is compatible with most iOS devices starting from iPhone 5 and iPad 4th generation and later, and iPod Touch 6th generation.
The download size of this update also varies based on the device you have. It is between 80MB to 100MB for most users. Apple also released other updates for its other devices which are not “mobile-like.” These products include Mac computers, Apple watch and also Apple TV.
According to various sources, it was one vulnerability that made Apple release the update; Broadpwn. The vulnerability is Wi-Fi based, but Apple didn’t explicitly mention it as the cause. A similar vulnerability also affected most smartphones including those running on Android, but they were patched. This vulnerability was discovered by Nitay Artenstein of Exodus Intelligence and is rated 9.8 out of 10 on the security scale. Broadpwn, which affects the Broadcom Wi-Fi chips by extension affects the Apple devices which utilize it. Broadpwn allows an attacker who is in range to be able to execute the arbitrary code on the Wi-Fi chip.
The update doesn’t bring any noticeable features mainly because it’s a fix. Apart from the Broadpwn vulnerability, the 10.3.3 update fixes a lot more others. These vulnerabilities are listed and discussed further by Apple. Some of them include other vulnerabilities that arose after the previous update. Most of the vulnerabilities target the execution of the arbitrary code. The attackers may achieve this through various ways. For now, the known techniques include the attacker causing an expected termination of an application and processing maliciously crafted movie files. Other substantial ways include using kernel privileges and accessing read only memory.
The update also fixes some security compromises. They include; disclosure of user information through parsing a malicious XML file, bar spoofing in Safari browser when visiting malicious websites, exfiltrating data cross-origin by websites, cross site scripting by maliciously crafted website content and much more.
It is advisable to update your device as soon as possible especially with the Broadpwn threat looming, that’s if you value your data so much. If your device hasn’t notified you about the update yet, navigate to Settings > General > Software Update so that you can update. This update is likely to break any jailbroken aforementioned compatible device.