watchOS 8.5 Security Update – Released 14 March 2022

Apple has released a slew of security updates on 14th and 15th March. watchOS firmware received an update as part of the current month’s update cycle. watchOS will need to be updated to the latest version 8.5. This resolves security vulnerabilities that can impair the functioning and security of Apple Watches.

watchOS 8.5 supersedes watchOS 8.4.2. The previous update was published on 10th February 2022. It did not have any CVE details or security vulnerabilities. Given this background, the watchOS 8.5 update assumes significance.

Below, we look at the various vulnerabilities that have been resolved as part of the watchOS upgrade to 8.5. We also look at the Apple Watch models that should be updated with the latest firmware. And, finally, we write about the different methods that can be used to update the firmware on your Apple Watch.

Which Apple Watch models are eligible for watchOS 8.5?

Apple’s watchOS 8.5 update is a security update. It is available for the following Apple Watch models:

  • Apple Watch 3 and later versions of Apple Watch can deploy the watchOS 8.5. The watchOS 8.5 update supersedes the watch OS 8.4.2 version. This implies that the watchOS 8.5 update can be rolled out to Apple Watch 3, Apple Watch 4, Apple Watch 5, Apple Watch 6 and the Apple Watch 7.
  • Apple Watch SE can also deploy the watchOS 8.5 as it is compatible with the watchOS 8.5 update..

How can I upgrade to watchOS 8.5 on my Apple Watch?

Apple’s Watch can be updated to watchOS 8.5 through one of the following two ways:

Install watchOS 8.5 directly through the Apple Watch

If you are running watchOS 6 or later, you can install the latest security update without an iPhone.

You can install the watchOS 8.5 updates on the Apple Watch through the Wi-Fi network connectivity on the watch. To install the security updates on Apple Watch without an iPhone, the watchOS version on the watch should be version 6 or later.

  • Open Settings on your Apple Watch.
  • Tap Wi-Fi. From the available Wi-Fi options, choose the Wi-Fi network to join. Apple Watch 6 and later can join 2.4 GHz and 5 GHz Wi-Fi networks. Older Apple Watch models can only connect to the 2.4 GHz network.
  • Enter the password and Tap join to join the Wi-Fi network.
  • watchOS 8.5 update gets downloaded through the Wi-Fi network on the device storage of Apple Watch.

Install watchOS 8.5 through iPhone

You can use the iPhone to update watchOS 8.5. Before installing the watchOS using an iPhone, you need to ensure that the following conditions are met.

  • Apple Watch must have at least 50 percent battery charge. Apple actually suggests connecting the Apple Watch to a charge during the update process.
  • The paired iPhone must run iOS 15 or higher.
  • The paired iPhone must be at least an iPhone 6S model.
  • There should be decent quality Bluetooth connection between the iPhone and the Apple Watch. Both devices must be in close proximity to each other.
  • You need to ensure that the Apple Watch app is running during the entire process of firmware update.
  • Software update on Apple Watch could take up to an hour before completion.
  • Phone and the watch should not be restarted during the update process.

Once you have ensured the incidental conditions are in order, we can proceed with installing the watchOS 8.5 updates through the paired iPhone.

  • Bring up the Apple Watch app on your iPhone.
  • Tap the MyWatch tab.
  • Tap General and select Software Update.
  • Download the update on the phone.
  • Through the paired connection and the Apple Watch app, the update gets pushed out to the Apple Watch.
  • Upon successful completion of the update process, your Apple Watch will restart and launch back with the latest watchOS 8.5.

Most issues during the update process happen because of inadequate battery charge on the Apple Watch. And, poor quality paired connectivity between the iPhone and Apple Watch can significantly cause bottlenecks during the update process.

Vulnerabilities resolved in Apple Watch’s watchOS 8.5 upgrade

The security update note posted by Apple lists 22 vulnerabilities that have been resolved as part of the watchOS update to version 8.5. Out of these 22 security vulnerabilities, 5 vulnerabilities reside in the Kernel and another 5 affect the Webkit. We list the vulnerabilities reported by Apple in the security bulletin below. This should serve as a ready reckoner of sorts for the security gaps reported and resolved by Apple as part of watchOS 8.5 update.

Kernel vulnerabilities resolved in watchOS 8.5 update for Apple Watches

The following seven vulnerabilities in watch Kernel have been fixed as part of the watchOS 8.5:

  • CVE-2022-22596 – This vulnerability can cause code execution on the Kernel and carries a temporary CVSS score of 7.5. An attacker could execute malicious code on the device. The issue affects watchOS versions up to 8.4.2. The issue is mitigated in watchOS 8.5. The update resolves memory corruption issue.
  • CVE-2022-22640 – The vulnerability can cause malicious or arbitrary code execution by an attacker who has kernel privileges. It carries a temporary CVSS score of 7.5.
  • CVE-2022-22613 – This vulnerability can lead to arbitrary code execution by an attacker with kernel privileges.
  • CVE-2022-22614 – The vulnerability can cause malicious or arbitrary code execution by an attacker who has kernel privileges.
  • CVE-2022-22615 – This is another arbitrary code execution vulnerability that gets resolved in watchOS 8.5.
  • CVE-2022-22632 – This is an Elevation of Privilege vulnerability that could result from a malicious piece of code or application.
  • CVE-2022-22638 – An application could lead to Denial of Service attack.

Webkit vulnerabilities resolved in watchOS 8.5

  • CVE-2022-22662 – Processing maliciously crafted web content may disclose sensitive user information.
  • CVE-2022-22610 – Processing maliciously crafted web content may lead to code execution.
  • CVE-2022-22624 – Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2022-22629 – Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2022-22637 – A malicious website may cause unexpected cross-origin behavior.

Other vulnerabilities resolved in watchOS 8.5

  • CVE-2022-22633 affects the Accelerated Framework. A malicious PDF file could be used to execute arbitrary code on the target devices.
  • CVE-2022-22666 affects the AppleAVD and can lead to heap corruption upon processing a maliciously crafted image.
  • CVE-2022-22611 affects the ImageIO. Processing a maliciously crafted image may lead to arbitrary code execution.
  • CVE-2022-22612 affects the ImageIO. Processing a maliciously crafted image may lead to heap corruption.
  • CVE-2021-36976 affects the libarchive. Memory corruption issues have been found on the libarchive due to multiple issues.
  • CVE-2022-22670 affects the MediaRemote and a malicious application may be able to identify what other applications a user has installed.
  • CVE-2022-22618 allows the phone user to bypass the Emergency SOS passcode prompt.
  • CVE-2022-22609 can cause a malicious application to access another applications’ details and settings.
  • CVE-2022-22654 affects the Safari. The address bar on the Safari browser may be spoofed after you visit a malicious website.
  • CVE-2022-22600 allows a malicious application to bypass certain Privacy preferences. This one affects the Sandbox.
  • CVE-2022-22599 affects Siri. A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen.
  • CVE-2022-22621 affects the UIkit. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions.

All these vulnerabilities are patched in watchOS 8.5.

Summary

Apple Watch’s March security update is significant. The CISA has also advised installing the latest patch on the Apple Watch to resolve security vulnerabilities on the Apple Watch’s operating system. The update process is pretty straightforward. You could install using the paired iPhone. Or, you could download the patch directly on the Apple Watch’s device storage. We do suggest patching your Apple Watch with watchOS 8.5 version on a priority basis.

You may also like to read more about the content related to Apple Watches below: