Apple says iOS 15.2.1 fixes its HomeKit denial of service vulnerability

News
By Oliver Haslam
published

HomeKit Router splash screen displayed on an iPhone
HomeKit Router splash screen displayed on an iPhone (Image credit: Christopher Close / iMore)

What you need to know

  • Apple has released iOS 15.2.1 to the public.
  • iOS 15.2.1 fixes a bug that caused iPhones and iPads to restart when a HomeKit accessory had a name with more than 500,000 characters in its name.
  • All users should install iOS 15.2.1 as soon as possible.

Apple says that its new iOS 15.2.1 update patches a HomeKit denial of service vulnerability that could make an iPhone or iPad crash repeatedly. The release is available for download now and should be installed as soon as possible.

The vulnerability was reported by security researcher Trevor Spinoloas and was found to be an issue when a HomeKit device's name was changed to something that was more than 500,000 characters long. Such a name caused what was essentially a Denial of Service attack and caused iPhones and iPads to repeatedly crash.

When the name of a HomeKit device is changed to a large string (500,000 characters in testing), any device with an affected iOS version installed that loads the string will be disrupted, even after rebooting. Restoring a device and signing back into the iCloud account linked to the HomeKit device will again trigger the bug.

Apple now says that the iOS 15.2.1 update fixes the issue and will prevent it from happening again. The same update also reportedly ensures that CarPlay apps work properly when tapped. Another issue that prevented images from loading when sent via iCloud Link has also been dealt with in this release.

Those who are yet to update their devices can do so by heading into the Settings, tapping General, and then Software Update.

Oliver Haslam
Oliver Haslam
Contributor

Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.

Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.