Apple Corrects Slew of Security Issues with New Updates
Following a month-long gap after the release of iOS 10.1.1, Apple has finally released its latest round of updates not just for its iOS devices but several other products as well. In addition to iOS 10.2, macOS Sierra received many security updates, as did Safari. iCloud and iTunes for Windows also received minor patches as well. While Apple took the time to add some additional features and tweaks to iOS in its update, these patches were mainly aimed at closing many ongoing system vulnerabilities.
Among the most crucial fixes included is a patch for the iPhone unlock exploit which we covered recently. In this exploit, an attacker with physical device access could overload a field on the lock screen to eventually gain access to a user’s contacts and photos. This loophole has been closed. Also fixed were problems related to malicious video files and potential vulnerabilities leading to the ability to execute arbitrary code. Additionally, Apple corrected approximately 12 issues relating to the way iOS and the macOS kernel handles memory. Though specific information about these vulnerabilities has yet to be released, it’s safe to say Apple has been thorough in their latest efforts to clean up their code.
Apple also took the step of rectifying a rather strange bug in iOS. In certain situations, with the VoiceOver option turned on, a user could cause the device to read passwords aloud. This feature has been disabled in the relevant sections of iOS to help preserve password security for users. While the updates to macOS don’t fix anything quite so comical and simple, they also represent a step forwards for the security of the system.
Finally, this update also addresses many problems which have been affecting the Safari browser across platforms. 24 updates to Safari in total were made available, with all but one of them being modifications to the WebKit engine that powers the browser. By extension, these updates also make other WebKit-powered iOS browsers, like Chrome, safer to use. Many of these same WebKit vulnerabilities were the same issues patched in the iTunes and iCloud versions created for Windows users.
As always, we strongly recommend you update to the latest versions on all your devices. Many of these fixes have been more than a month in coming. It’s important for users to close off these potential threats. Of course, the added stability is always a welcome bonus.