What's New in iOS 10.2:

iOS 10.2 introduces new features including the TV app (US Only), a new and unified experience for accessing your TV shows and movies across multiple video apps. Emoji have been beautifully redesigned to reveal more detail and over 100 new emoji have been added including new faces, food, animals, sports, and professions. This update also includes stability improvements and bug fixes.

TV

  • Use Up Next to see the movies and shows you're currently watching and pick up where you left off
  • Get recommendations for new movies and TV shows in Watch Now
  • Discover new apps and the latest iTunes releases in the Store
  • Access the Library for your iTunes purchases and rentals

Emoji

  • Beautifully redesigned emoji that reveal even more detail
  • Over 100 new emoji including new faces, food, animals, sports and professions

Photos

  • Improves stabilization and delivers faster frame rate for Live Photos
  • Improves accuracy of groupings of similar photos of the same person in the People album
  • Fixes an issue where Memories might generate a memory from photos of screenshots, whiteboards or receipts
  • Fixes an issue where the camera would stay zoomed after switching back from the Camera Roll on an iPhone 7 Plus
  • Additional support for RAW digital cameras

Messages

  • Adds new love and celebration full screen effects in Messages
  • Fixes an issue that sometimes prevented the keyboard from displaying in Messages

Music

  • Swipe up the Now Playing screen to more easily access Shuffle, Repeat, and Up Next
  • Choose how to sort Playlists, Albums and Songs in Library

News

  • Stories you've saved for later now appear in the Saved section
  • The best paid stories from channels you subscribe to will appear in a dedicated section in For You
  • It's now easier than ever to get to the next story, just swipe left or tap next story while reading

Mail

  • Fixes an issue that caused the Move sheet to persist after filing a Mail message
  • Addresses an issue with long press activating copy and paste in Mail
  • Fixes an issue in which the wrong message would be selected after deleting a Mail conversation

Accessibility

  • Adds BraillePen14 support to VoiceOver
  • Fixes an issue where the braille table could switch unexpectedly with VoiceOver
  • Fixes an issue where sometimes Siri enhanced voices were unavailable to VoiceOver
  • Fixes an issue where VoiceOver users could not re-order items in lists
  • Fixes an issue where Switch Control was sometimes unable to delete Voicemails

Other improvements and fixes

  • Adds notification support for HomeKit accessories including window coverings, occupancy, motion, door/window, smoke, carbon monoxide, and water leak sensors
  • Adds notification support for HomeKit accessories when software updates are available to HomeKit accessories
  • Improve Bluetooth performance and connectivity with 3rd party accessories
  • Fixes an issue that could cause FaceTime participants to appear out of focus
  • Fixes an issue that could cause FaceTime calls to appear with incorrect aspect ratio and orientation
  • Fixes an issue that prevented some Visual Voicemail from completing playback
  • Fixes a Safari Reader issue that could cause articles to open in empty pages
  • Fixes an issue that could cause Safari to quit unexpectedly after marking an item as read in Reading List

Security Changes in iOS 10.2:

Accessibility

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A nearby user may be able to overhear spoken passwords
  • Description: A disclosure issue existed in the handling of passwords. This issue was addressed by disabling the speaking of passwords.
  • CVE-2016-7634: Davut Hari

Accessibility

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A person with physical access to an iOS device may be able to access photos and contacts from the lock screen
  • Description: A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.
  • CVE-2016-7664: Miguel Alvarado of iDeviceHelp

Accounts

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: An issue existed which did not reset the authorization settings on app uninstall
  • Description: This issue was addressed through improved sanitization.
  • CVE-2016-7651: Ju Zhu and Lilang Wu of Trend Micro

Find My iPhone

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: An attacker with an unlocked device may be able to disable Find My iPhone
  • Description: A state management issue existed in the handling of authentication information. This issue was addressed through improved storage of account information.
  • CVE-2016-7638: Sezer Sakiner, an anonymous researcher

Graphics Driver

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: Watching a maliciously crafted video may lead to a denial of service
  • Description: A denial of service issue existed in the handling of video. This issue was addressed through improved input validation.
  • CVE-2016-7665: Moataz El Gaml of Schlumberger, an anonymous researcher

Image Capture

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A malicious HID device may be able to cause arbitrary code execution
  • Description: A validation issue existed in the handling of USB image devices. This issue was addressed through improved input validation.
  • CVE-2016-4690: Andy Davis of NCC Group

Local Authentication

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: The device may not lock the screen after the idle timeout
  • Description: A logic issue existed in the handling of the idle timer when the Touch ID prompt is shown. This issue was addressed through improved handling of the idle timer.
  • CVE-2016-7601: an anonymous researcher

Mail

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: An email signed with a revoked certificate may appear valid
  • Description: S/MIME policy failed to check if a certificate was valid. This issue was addressed by notifying a user if an email was signed with a revoked certificate.
  • CVE-2016-4689: an anonymous researcher

Media Player

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A user may be able to view photos and contacts from the lockscreen
  • Description: A validation issue existed in the handling of media selection. This issue was addressed through improved validation.
  • CVE-2016-7653

Profiles

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: Opening a maliciously crafted certificate may lead to arbitrary code execution
  • Description: A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation.
  • CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com)

SpringBoard

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A person with physical access to an iOS device may be able to unlock the device
  • Description: In some cases, a counter issue existed in the handling of passcode attempts when resetting the passcode. This was addressed through improved state management.
  • CVE-2016-4781: an anonymous researcher

SpringBoard

  • Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
  • Impact: A person with physical access to an iOS device may be able to keep the device unlocked
  • Description: A cleanup issue existed in the handling of Handoff with Siri. This was addressed through improved state management.
  • CVE-2016-7597: an anonymous researcher