News Tech

Apple iOS system upgrade might compromise millions of tablets/phones’ data security

This vulnerability does not affect the hardware running on the A12 chip system. iPhone X will be affected. However, the iPhone XR, iPhone XS and iPhone XS Max won’t be affected.

According to foreign media reports, Apple has been fighting to ensure the security of the iOS platform. However, the company has recently made an unforgivable mistake. According to our sources, during the migration upgrade to iOS 12.4, the old vulnerabilities that Apple had patched were cracked again. This makes it possible to run unsigned code on the iPhone running the latest version of iOS.

This may be a deliberate choice (typically jailbreak behavior) of a user who wishes to access an alternate app store or access a feature that is not normally available. However, it is more likely to be maliciously used. For instance, using a vulnerability in another app that allows code to run remotely on any of the latest iPhones.

Read also: Audi’s first electric car sales exceeded expectations and became Tesla’s strongest competitor

This is a huge mistake for Apple. It cannot be overemphasized. However, some restrictions need to be noted. First, the vulnerability will not affect the hardware running on the A12 chip system. iPhone X will be affected. Unfortunately, Apple has never published sales data for new phones. Therefore, it is unclear how many users are affected.

Additionally, users need to install IOS 12.4. However, this  is the time when Apple’s ability to transfer its user base to the latest version of the mobile operating system is not helpful. Unfortunately, Apple removed iOS 12.2 and 12.3 from their servers and revoked their signatures. Therefore, there was no choice but to upgrade to iOS 12.4.

For those devices that are jailbroken to facilitate access to certain features, if they use Apple’s online services, there may be persistent problems. There is no doubt that this will result in repeated checks on the devices connected to them.

Read also: Here is Samsung Galaxy Note 10 – the new king of smartphones.

In the real world, let’s put together these puzzle pieces. Users can download an app from the Apple App Store that exploits this vulnerability to “escape” the iOS sandbox provided by the operating system.

Jonathan Levin, a security researcher and trainer specializing in iOS, said: “Since iOS 12.4 is the latest version of the iOS system currently available, it is also the only version that Apple is allowed to upgrade in the next few days (until 12.4) .1 release). All devices running this version of the system (or any version below 12.3) are hackable. This means that they are also vulnerable to exploits that have actually been exposed for more than 100 days.”

Given that Apple was notified of this vulnerability by Google’s Project Zero team more than 100 days ago, people who are not friendly to Apple’s user security system are likely to be aware of this issue and may exploit it quietly in the background.

Related posts

Google will install a new data center in Chile: the investment will be US $ 200 million

njoo

Apple might push the independent operating system – SiriOS next year, against Amazon and Google assistants

njoo

Do you use Office 365? You better watch out. Someone is impersonating Microsoft’s service

njoo

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More