Apple releases iOS 17.7 for those who don’t want to install iOS 18

The launch of iOS 18 is perhaps the most important of the last few hours, however, Apple has released another update that could interest many users. We had already warned that Apple was going to allow users to stay on iOS 17 and continue receiving updates, and The company has released iOS 17.7 for all iPhone users who want to stay.

This is not an update aimed at adding improvements, that’s what iOS 18 is for. iOS 17.7 focuses on improving the system and, above all, fixing security bugs.

How to install iOS 17.7

Installing iOS 17.7 is easy, but keep in mind that downgrading cannot be done easily on the iPhone. Going back from iOS 18 to iOS 17.7 is possible, but you may lose information along the way. So To install iOS 17.7, you must be using a version of iOS 17

• Go to the Settings app.
• Now tap on General > Software Update.
• Two options will appear, update to the new iOS 18 or download iOS 17.7, tap on the latter.

What’s new in iOS 17.7

As we mentioned earlier, in iOS 17.7 we do not find any interesting new features, the main improvements are security, and there are many of them. Apple has shared a document showing that up to 16 major security bugs have been fixed. These are the following:

• Accessibility
  • Impact: An attacker with physical access to a locked device may be able to control nearby devices via accessibility features.
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44171: Jake Derouin
• Compression
  • Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
  • Description: Fixed a race condition with improved crash
  • CVE-2024-27876: Snoolie Keffaber (@0xilis)
• Play center
  • Impact: An application may be able to access sensitive user data
  • Description: Fixed a file access issue by improving input validation
  • CVE-2024-40850: Denis Tokarev (@illusionofcha0s)
• I/O Image
  • Impact: Processing a maliciously crafted file may cause the application to terminate unexpectedly.
  • Description: Fixed an out-of-bounds read issue by improving input validation
  • CVE-2024-27880: Junsung Lee
• I/O Image
  • Impact: Image processing may cause a denial of service
  • Description: Fixed an out-of-bounds access issue by improving bounds checking.
  • CVE-2024-44176: dw0r from ZeroPointer Lab working with Trend Micro Zero Day Initiative, anonymous researcher
• Surface accelerator
  • Impact: An application may cause an unexpected system shutdown
  • Description: The issue was addressed by improving memory management.
  • CVE-2024-44169: Antonio Zekic
• Heart
  • Impact: Network traffic may leak outside a VPN tunnel
  • Description: Fixed a logic issue by improving checks
  • CVE-2024-44165: Andrew Lytvynov
• Heart
  • Impact: An application may gain unauthorized access to Bluetooth
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef
• Email Accounts
  • Impact: An application can access information about a user’s contacts.
  • Description: Addresses a privacy issue by improving the redaction of private data for journal entries
  • CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)
• mDNSR Responder
  • Impact: An application may cause a denial of service
  • Description: A logic error was fixed by improving error handling.
  • CVE-2024-44183: Olivier Levon
• Safari Private Browsing
  • Impact: Private browsing tabs are accessible without authentication
  • Description: This issue was addressed through improved state management.
  • CVE-2024-44127: Anamika Adhikari
• Shortcuts
  • Impact: A shortcut may generate sensitive user data without consent
  • Description: This issue was addressed by improving the wording of sensitive information.
  • CVE-2024-44158: Kirin (@Pwnrin)
• Shortcuts
  • Impact: An application may be able to observe data displayed to the user using shortcuts
  • Description: Addresses a privacy issue by improving temporary file handling
  • CVE-2024-40844: Kirin (@Pwnrin) and Lucky (@uuulucky) from the North Sea
• Synchronization Services
  • Impact: An app may be able to bypass privacy preferences
  • Description: This issue was addressed by improving controls
  • CVE-2024-44164: Mickey Jin (@patch1t)
• Transparency
  • Impact: An application may be able to access sensitive user data
  • Description: Fixed a permissions issue with additional restrictions
  • CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)
• KitUI
  • Impact: An attacker can cause an application to terminate unexpectedly
  • Description: The issue was addressed by improving limit checks.
  • CVE-2024-27879: Justin Cohen

All of these bugs were present on the iPhone, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later.

You can follow iPadized on Facebook, WhatsApp, Twitter (X) or check out our Telegram channel to stay up to date with the latest tech news.