On Wednesday, Apple released iOS 15.2.1, a minor update to the mobile operating system that fixes bugs, including a denial-of-service vulnerability previously reported by The Verge. The 15.2.1 patch fixes a vulnerability caused by HomeKit, the software API for connecting smart home devices to iOS applications. If the vulnerability was exploited, very long-named HomeKit devices would cause iPhones and iPads to freeze, crash, and reboot endlessly. Since HomeKit device names are backed up to iCloud, logging into the same iCloud account with a restored device would trigger the crash again. Apple's security notice for the 15.2.1 update only mentions one change, a fix for the HomeKit vulnerability. Details of the fix state that a "resource exhaustion issue has been addressed with improved input validation", presumably to prevent long HomeKit device names from being read into memory by iOS devices. In addition to security updates, the patch also fixed a bug affecting the performance of third-party CarPlay apps and another that prevented the Messages app from loading certain photos sent through iCloud. Users can update iOS by opening the Settings app on a device, tapping "General" and then selecting "Software Update." The HomeKit bug was discovered by security researcher Trevor Spiniolas, who published details on his blog on January 1. At the time, Spiniolas accused Apple of being slow to respond to its first disclosure, which was made in August 2021. According to Spiniolas' blog, the bug affects iOS versions at least as far back as 14.7 and likely earlier, meaning these devices are still vulnerable. Owners of iPhones or iPads should update their devices as soon as possible to take advantage of the new update.