Apple Reassures Users: Flaws in WikiLeaks/CIA Vault7 Leak Already Patched
On March 7th, WikiLeaks entered the news and made waves again by releasing almost nine thousand documents they claimed came from within the US Central Intelligence Agency. Contained in the leak was a vast range of information about the CIA’s intelligence gathering practices regarding technology. The revelations included information that the agency had undertaken spying efforts through exploiting vulnerabilities in various technologies, including some “smart” TVs and mobile operating systems. Also, contained within the documents, however, were fourteen previously undisclosed flaws in iOS. Through these flaws, an attacker could have eavesdropped on an iPhone’s communications or hijacked the device entirely.
However, iPhone users should not worry. Within a day of the leak, Apple issued a statement claiming that many of the issues had already been identified and patched. In the statement, Apple said that iOS 10.2.1, released on January 23, 2017, contained the necessary fixes to these issues. Yet Apple also stated that it continued to work on correcting any issues identified in the leak. Keep an eye out for any forthcoming updates. If you have not already updated your iPhone to the latest version, now is a perfect time. Not only will it ensure protection against these flaws, but 10.2.1 remedies numerous other security issues as well.
The good news is that these exploits were unlikely ever used in widespread attacks. The additional fact that the issues have been fixed for almost two months also should put users more at ease. It is important to remember, though, that there are always other threats to our devices. While you may know and understand many of those threats, you can’t understand the risks you don’t know. Periodically reminding yourself that such unknown threats exist can help improve your security. Vigilance against intrusion isn’t something to leave for later.
Though the vast trove of documents released by WikiLeaks contained many revelations, the fact remains that vulnerabilities were withheld from companies responsible for fixing them, highlighting once again the complicated ways in which modern technology, government, and privacy intersect. Just as with the FBI’s demands for unlocking iPhones, though, Apple continues trying to work in the best interest of its users. Continue to watch for new security updates, and always keep your devices as current as possible.