Apple users are being warned to exercise particular caution over their cybersecurity for the next few days
News24xx.com - Apple users are being warned to exercise particular caution over their cybersecurity for the next few days, after the company mistakenly reopened a security flaw in the latest version of iOS.
In iOS 12.4, released last month, Apple fixed a number of security bugs, as well as enabling support for the Apple Card in the US. But in doing so, the company accidentally reversed a security fix it had previously patched in iOS 12.3 at the end of April.
That vulnerability, discovered by Google’s bug-hunting team Project Zero, theoretically allows “a malicious application … to execute arbitrary code with system privileges”. In other words, if exploited, a malicious application can gain complete control over an iPhone – a dream for hackers and spies the world over.
Such a public, unpatched vulnerability is rare in iOS. Generally, the value of “jailbreaks”, as they are known – since they also allow users to install unauthorised apps on their own phones – is so high to nation states and others that they fight to keep them secret for as long as possible. The last time the newest version of iOS was open to a jailbreak vulnerability was back in 2015, for a period of just seven days.
“No company is immune from making mistakes, even Apple, especially when the software is so complex as the iPhone,” said Javvad Malik, a security awareness advocate at KnowBe4. “While there is a window of opportunity available until a fix comes out to take advantage of the vulnerabilities, users can be vigilant to protect themselves by validating the apps they are downloading are legitimate and safe. Any attackers will likely try to fool users into downloading malicious versions of software to try and exploit the vulnerability.”
Malik added that users who wanted to jailbreak their own phones were advised not to. “As tempting as it may be, unless for research purposes, jailbreaking iPhones can leave them open to many threats – so should not be done.”
Stefan Esser, an iPhone security expert, tweeted an additional warning: “I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what apps they download from the Apple AppStore. Any such app could have a copy of the jailbreak in it.”
Apple has been contacted for comment. The company is expected to fix the problem again in iOS 12.4.1, which is likely to be published in a few days’ time.
NEWS24XX.COM/DEV/RED
-
Aug 09, 2020 | 10:55 am LT
Mark Zuckerberg has joined the world's most exclus...
-
Aug 08, 2020 | 10:10 am LT
Hitman 3 VR Puts You In The Shoes Of Agent 47...
-
Aug 08, 2020 | 10:08 am LT
2020 iMac Benchmarks Suggests That It Might Be Wor...
-
Aug 08, 2020 | 10:02 am LT
iPhone 12 Production Reportedly Runs Into Quality ...
-
Aug 08, 2020 | 09:54 am LT
Google Pixel 4a Preview...
-
Aug 07, 2020 | 05:16 pm LT
Video gaming growth soars thanks to pandemic...
-
Aug 16, 2020 | 05:06 am LT
Attack of Racism; Give Salute in the style of Nazi...
-
Aug 09, 2020 | 11:50 am LT
Viral Story of an old woman in Indramayu who almos...
-
Aug 09, 2020 | 10:55 am LT
Mark Zuckerberg has joined the world's most exclus...
-
Aug 09, 2020 | 10:45 am LT
Revealed! It turns out that this is the origin of ...
-
Aug 09, 2020 | 10:42 am LT
Severe! A Woman in South Tangerang is Raped After ...
-
Aug 09, 2020 | 09:34 am LT
Dor! This Man's Intestine Explodes After Eating A ...