Apple has released iOS 16.2 bringing Freeform, Apple Music Sing, fixes for 35 security vulnerabilities, and more.
iOS 16.2 also adds Advanced Data Protection for iCloud, Lock Screen improvements, and other features and bug fixes for your iPhone.
Freeform app
Freeform is a digital canvas app that is designed to let iPhone, iPad, and Mac users work together collaboratively in real time. Multiple people can contribute images, notes, scribbles, documents, web links, PDFs, and more, with content added visible to everyone.
Apple’s Freeform app is designed to work with the Apple Pencil on ‌‌iPad‌‌, and it can be used with FaceTime for visual feedback between Freeform participants.
Apple Music Sing
With the release of iOS 16.2, iPadOS 16.2, and tvOS 16.2, Apple is introducing ‌Apple Music‌ Sing, a new Karaoke experience for ‌‌Apple Music‌‌ subscribers that lets users sing along to their favourite songs by adjusting the volume of the vocals in tracks.
Available on ‌iPhone‌, ‌iPad‌, and Apple TV 4K (2022), ‌‌Apple Music‌‌ Sing works with ‌‌Apple Music‌‌’s real-time lyrics feature, and gives you control over a song’s vocal levels. This means you can sing along with the original artist vocals or turn the vocals down and take the lead.
Lock Screen
New settings allow you to hide wallpaper or notifications when Always-On display is enabled on iPhone 14 Pro and iPhone 14 Pro Max. Sleep widget lets you view your most recent sleep data, while Medications widget lets you view reminders and quickly access your schedule.
Game Center
SharePlay support in Game Center for multiplayer games so you can play with the people you are on a FaceTime call with.
Activity Widget allows you to see what your friends are playing and achieving in games right from your Home Screen.
Home
Improved reliability and efficiency of communication between your smart home accessories and Apple devices.
5G in India
iOS 16.2 brings 5G compatibility to iPhones in India.
iCloud Enhanced Data Protection
With the release of iOS 16.2 and macOS 13.1, Apple is introducing Advanced Data Protection for ‌iCloud‌, which uses end-to-end encryption to provide Apple’s highest level of cloud data security yet. ‌iCloud‌ already protects 14 sensitive data categories using end-to-end encryption by default, including passwords in ‌iCloud‌ Keychain and Health data.
For users who enable Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises to 23.
The new security feature ensures users now have the choice to protect more of their important ‌iCloud‌ data, including ‌iCloud‌ Backup, Photos, Notes, and more. Note that the feature is currently only available to users in the US. Apple says it will launch globally in early 2023.
iPhone 14 Pro Always-On Display Customizations
When Apple debuted iPhone 14 Pro and ‌iPhone 14 Pro‌ Max devices, some users criticized the Always-On Display’s lack of customization options. Apple has listened to feedback, and in iOS 16.2 it has added options to let users adjust the level of detail presented on their ‌iPhone 14 Pro‌’s Always-On display.
iCloud Private Relay Temporary Bypass
Apple’s paid-for ‌iCloud‌+ service includes a feature called ‌‌‌iCloud‌‌‌ Private Relay, which is designed to encrypt web traffic leaving your device so that no one can intercept it or read it.
Private Relay hides your IP address from websites in the process, but Apple realizes that there may be times when you actually want your IP address to remain visible in certain situations, which is why it has added a new temporary bypass option.
Live Activities Updates
Users can now enable Live Activities for Apple’s TV app, as well as opt to receive more frequent updates from the feature on a per-app basis.
Live Activities in the TV app are available for MLB games for users in the U.S., Canada, Australia, U.K., Brazil, Mexico, Japan, and South Korea, in addition to NBA and Premier League games for users in the U.S. and Canada only. The feature will likely be expanded to other sports leagues in the future.
iOS 16.2 also includes the following improvements and bug fixes:
- Improved search in Messages allows you to find photos based on their content, like a dog, car, person, or text.
- Reload and Show IP Address setting enables iCloud Private Relay users to temporarily disable the service for a specific site in Safari
- News articles in Weather display information relevant to the weather in that location
- Participant Cursors in Notes allow you to see live indicators as others make updates in a shared note
- AirDrop now automatically reverts to Contacts Only after 10 minutes to prevent unwanted requests to receive content
- Crash Detection optimizations on iPhone 14 and iPhone 14 Pro models
- Fixes an issue that causes some notes not to sync with iCloud after updates are made
iOS 16.2 Security Fixes
Among the security issues fixed in iOS 16.2 are six in the Kernel at the heart of the iPhone operating system and nine in WebKit, the engine that powers Apple’s Safari browser. The WebKit vulnerabilities patched in iOS 16.2 include issues that could lead to arbitrary code execution.
Accounts
Impact: A user may be able to view sensitive user information
Description: This issue was addressed with improved data protection.
AppleAVD
Impact: Parsing a maliciously crafted video file may lead to kernel code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
AppleMobileFileIntegrity
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by enabling hardened runtime.
AVEVideoEncoder
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A logic issue was addressed with improved checks.
CoreServices
Impact: An app may be able to bypass Privacy preferences
Description: Multiple issues were addressed by removing the vulnerable code.
GPU Drivers
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
Graphics Driver
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
Impact: Parsing a maliciously crafted video file may lead to unexpected system termination
Description: The issue was addressed with improved memory handling.
ImageIO
Impact: Processing a maliciously crafted file may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved input validation.
Impact: Parsing a maliciously crafted TIFF file may lead to disclosure of user information
Description: The issue was addressed with improved memory handling.
IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
IOMobileFrameBuffer
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved input validation.
iTunes Store
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.
Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges
Description: The issue was addressed with improved bounds checks.
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved memory handling.
Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
Photos
Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication
Description: The issue was addressed with improved bounds checks.
ppp
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
Preferences
Impact: An app may be able to use arbitrary entitlements
Description: A logic issue was addressed with improved state management.
Printing
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed by removing the vulnerable code.
Safari
Impact: Visiting a website that frames malicious content may lead to UI spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
Software Update
Impact: A user may be able to elevate privileges
Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions.
Weather
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of caches.
WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory consumption issue was addressed with improved memory handling.
Impact: Processing maliciously crafted web content may bypass Same Origin Policy
Description: A logic issue was addressed with improved state management.
Impact: Processing maliciously crafted web content may result in the disclosure of process memory
Description: The issue was addressed with improved memory handling.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A logic issue was addressed with improved checks.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
iOS 16.2 Supported Devices
iOS 16.2 will run on all iPhones from iPhone 8 onwards. To be exact:
- iPhone 14
- iPhone 14 Plus
- iPhone 14 Pro
- iPhone 14 Pro Max
- iPhone 13
- iPhone 13 mini
- iPhone 13 Pro
- iPhone 13 Pro Max
- iPhone 12
- iPhone 12 mini
- iPhone 12 Pro
- iPhone 12 Pro Max
- iPhone 11
- iPhone 11 Pro
- iPhone 11 Pro Max
- iPhone Xs
- iPhone XS Max
- iPhone XR
- iPhone X
- iPhone 8
- iPhone 8 Plus
- iPhone SE (2nd generation or later)
As normal, to update to iOS 16.2, go to your iPhone Settings > General > Software Update and install iOS 16.2 when you can.
