Apple released major iOS 11.2 update last month with Apple Pay Cash, faster wireless charging and more, later it released OS 11.2.1, another minor update, now it has released iOS 11.2.2 update to patch several significant security problems. It has also released macOS High Sierra 10.13.2 supplemental update, after the initial macOS 10.13.2 last month.
The iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of the Spectre vulnerability discovered earlier this month. The macOS 10.13.2 brings security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715). There is no hardware fix for Spectre, so Apple is addressing the vulnerability using Safari-based software workarounds.
The iOS 11.2.2 update is available for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.
Last week Apple confirmed all Macs and iOS devices are affected by Meltdown and Spectre vulnerabilities. It said:
All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.
Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.