iOS 15.2.1 and iPadOS 15.2.1 Address HomeKit Vulnerability
Apple today released iOS 15.2.1 and iPadOS 15.2.1, minor updates that include an important security fix for a known HomeKit vulnerability that was first discovered last year.
According to Apple's security support document for the update, it addresses an issue that could cause a maliciously crafted HomeKit name to result in a denial of service, causing iPhones and iPads not to work.
Apple says that it was caused by a resource exhaustion issue that has now been addressed with improved input validation.
The HomeKit bug was first highlighted in January by
Bleeping Computer after
being discovered by Trevor Spiniolas. Called "doorLock," the vulnerability is executed by changing the name of a HomeKit device to something with over 500,000 characters.
Attempting to load such a large string of characters causes the iOS device to be sent into a denial of service state, and a forced reset is the only way to recover. Resetting the device results in a loss of data unless there is an available backup, and signing back into an affected iCloud account linked to the broken HomeKit device name can re-trigger the bug.
Apple partially fixed the bug in iOS 15.1 by limiting the length of the name that can be set for a HomeKit device or app, but it didn't entirely fix the issue because malicious people exploiting the vulnerability could use Home invitations rather than a device to trigger the attack.
Because this bug could result in data loss at worst and a device reset at best, it's worth updating to the iOS and iPadOS 15.2.1 updates right away.
Popular Stories
With the fourth betas of iOS 26.1, iPadOS 26.1, and macOS 26.1, Apple has introduced a new setting that's designed to allow users to customize the look of Liquid Glass.
The toggle lets users select from a clear look for Liquid Glass, or a tinted look. Clear is the current Liquid Glass design, which is more transparent and shows the background underneath buttons, bars, and menus, while tinted ...
Apple is "drastically" cutting production of the iPhone Air and shifting focus toward the iPhone 17 and iPhone 17 Pro models, Nikkei Asia reports.
The business publication claims to have learned of a major cut to iPhone Air production motivated by weaker-than-expected consumer interest, nearly to "end of production levels." Despite early reports of the iPhone Air selling out within hours of...
With the fourth beta of iOS 26.1, Apple added a toggle that makes Liquid Glass more opaque and reduces transparency. We tested the beta to see where the toggle works and what it looks like.
Subscribe to the MacRumors YouTube channel for more videos.
If you have the latest iOS 26.1 beta, you can go to Settings > Display and Brightness to get to the new option. Tap on Liquid Glass, then...
Apple plans to launch a new type of iPhone every year for the foreseeable future, according to an Asia-based source.
The detailed information was shared by the account "yeux1122" in a blog post on the Korean platform Naver, citing domestic trend and component research companies.
Corroborating other reports, Apple will apparently launch its first foldable iPhone in 2026, featuring a...
General Motors began phasing out support for CarPlay in its electric vehicles back in 2023, leading to complaints from iPhone users, but the company has no plans to back down.
In fact, GM is going further and plans to remove CarPlay from all future gas vehicles, too. In an interview with The Verge, GM CEO Mary Barra said that the company opted to prioritize its platform for EVs, but the...
iOS 26 was released last month, but the software train never stops, and iOS 26.1 beta testing is already underway. So far, iOS 26.1 makes both Apple Intelligence and Live Translation on compatible AirPods available in additional languages, and it includes some other minor changes across the Apple Music, Calendar, Photos, Clock, and Safari apps.
More features and changes will follow in future ...
Even though we're at the fourth beta of iOS 26.1, Apple is continuing to add new features. In fact, the fourth beta has some of the biggest changes that we'll get when iOS 26.1 releases to the public later this month. We've rounded up what's new below.
Liquid Glass Transparency Toggle
Apple added a toggle for customizing the look of Liquid Glass. In Settings > Display and Brightness,...
Kohler is expanding its line of bathroom products with Dekoda, an iPhone-connected device that's designed to be attached to a toilet rim (via The Verge). The device's included "sensors" point into the toilet bowl, allowing it to analyze what goes on in the bathroom.
According to Kohler, Dekoda is a health tracker that can monitor gut health and hydration, as well as detect the presence of...
Apple's software engineers continue to internally test iOS 26.0.2, according to MacRumors logs, which have been a reliable indicator of upcoming iOS versions.
iOS 26.0.2 will be a minor update that addresses bugs and/or security vulnerabilities, but we do not know any specific details yet.
The update will likely be released by the end of next week.
Last month, Apple released iOS 26.0.1,...
