Apple has officially released iOS 11.2.5 update for compatible iPhone, iPad, and iPod Touch devices. The latest iOS 11.2.5 is not a major update but includes some new features, improvements and bug fixes. Apple hasn’t disclosed more than that, apart from the security update contents.

“iOS 11.2.5 includes support for HomePod and introduces the ability for Siri to read the news (US, UK and Australia only).”

download iOS 11.2.5 IPSW final update

The iOS users can grab this update through OTA or perform the fresh installation by downloading relevant iOS 11.2.5 IPSW file. You can navigate Settings > General > Software Update for OTA (Over-the-Air) update. iOS 11.2.2 offline installer links can be accessed from this post.

Along with iOS 11.2.5, Apple made available macOS 10.13.3, tvOS 11.2.5, watchOS 4.2.2 and iTunes 12.7.3. The users are suggested to update Apple devices without any delay.

You can go through the changelog and release notes of iOS 11.2.5 published by Apple.

iOS 11.2.5 Update Security Contents

Released January 23, 2018

Audio

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and Taekyoung Kwon of the Information Security Lab, Yonsei University

Core Bluetooth

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4087: Rani Idan (@raniXCH) of Zimperium zLabs Team

CVE-2018-4095: Rani Idan (@raniXCH) of Zimperium zLabs Team

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A memory initialization issue was addressed through improved memory handling.

CVE-2018-4090: Jann Horn of Google Project Zero

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A race condition was addressed through improved locking.

CVE-2018-4092: an anonymous researcher

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed through improved input validation.

CVE-2018-4082: Russ Cox of Google

Kernel

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4093: Jann Horn of Google Project Zero

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text message may lead to application denial of service

Description: A resource exhaustion issue was addressed through improved input validation.

CVE-2018-4100: Abraham Masri (@cheesecakeufo)

QuartzCore

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue existed in the processing of web content. This issue was addressed through improved input validation.

CVE-2018-4085: Ret2 Systems Inc. working with Trend Micro’s Zero Day Initiative

Security

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A certificate may have name constraints applied incorrectly

Description: A certificate evaluation issue existed in the handling of name constraints. This issue was addressed through improved trust evaluation of certificates.

CVE-2018-4086: Ian Haken of Netflix

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4088: Jeonghoon Shin of Theori

CVE-2018-4089: Ivan Fratric of Google Project Zero

CVE-2018-4096: found by OSS-Fuzz

Apple iOS Offline Installer Links

iOS 11.2.5 Offline Installer for iPhone X / iOS 11.2.5 IPSW Links

Download iOS 11.2.5 IPSW for iPhone X / iPhone X Update

iOS 11.2.5 Offline Installer for iPhone 8 / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPhone 7 / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPhone 6 / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPhone 5s / iOS 11.2.5 IPSW Links

iOS 11.2.5 IPSW for iPhone SE / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPad / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPad Pro / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPad Mini / iOS 11.2.5 IPSW Links

iOS 11.2.5 Offline Installer for iPad Air / iOS 11.2.5 IPSW Links

iOS 11.2.5 IPSW Offline Installer Link for iPod Touch 6th Generation

LEAVE A REPLY

Please enter your comment!
Please enter your name here