watchOS 10.0.2 released with unspecified "important" security fixes

The official release notes vaguely mention that watchOS 10.0.2 brings “important” security fixes to the Apple Watch Series 9 and Ultra 2 models.

A photograph showing an Apple Watch Series 6 case sitting upright on a table, with a colorful lights in the background blurred with a depth-of-field effect — Apple should soon detail fixes in watchOS 10.0.2 | Image credit: AB/Unsplash

The watchOS 10.0.2 software squishes bugs and brings (at this point) unspecified security patches Apple characterized as “important.” The software update doesn’t appear to fix a problem with the Apple Weather complication not loading data.

You can install watchOS 10.0.2 in Settings > General > Software Update on the device itself or via the companion Watch app on the paired iPhone. You may need to enter your passcode on each device to authorize the installation.

What security fixes does watchOS 10.0.2 bring?

Release notes accompanying the update are not very helpful, only mentioning that watchOS 10.0.2 “includes bug fixes and important security updates for your Apple Watch.” Support documents dedicated to the company’s security releases (linked below) didn’t shed more light on the patched security vulnerabilities either.

This is usually a sign that an update has resolved a zero-day vulnerability or addresses an issue that has been exploited in the wild. In those cases, Apple delays the publication of detailed release notes to avoid revealing the vulnerability too early.

“For the protection of our customers, Apple doesn’t disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are generally available,” Apple notes.

Does watchOS 10.0.2 fix a Weather complication bug?

No, watchOS 10.0.2 doesn’t fix a bug that was introduced in watchOS 10.0, which prevents the Weather complication (but not the Weather app itself) from loading and displaying relevant data. Apple has offered two potential workarounds for this issue until a future watchOS update brings a proper permanent fix.

Apple also dropped iOS 17.0.2 and iPadOS 17.0.2 yesterday with a fix for a data-transfer problem that might occur during the setup process when transferring data between two nearby iPhones or iPads directly. Interestingly, neither update had published CVE entries at post time. That usually indicates a strong possibility that iOS 17.0.2, iPadOS 17.0.2 and watchOS 10.0.2 address the same vulnerability.