Apple Patch Reopens Security Vulnerability

Users of the Apple iPhone are being urged not to install the latest iOS update, as the new operating system accidentally reopens a previously patch flaw.

The flaw is so seriously that if it is exploited, it could allow hackers to gain complete control of an iPhone or iPad.

It comes after Apple last month released iOS 12.4, which fixed a number of a bug and also switched on support for the Apple Card (Apple’s credit card). But unfortunately it seems that Apple also reopened a flaw that it had fixed in iOS 12.3 in April.

Apple Patch

That vulnerability had been found by Google’s bug-hunting team Project Zero, which could potentially allow a malicious application to execute arbitrary code with system privileges (essentially to jailbreak or gain complete control of an iPad or iPhone).

Apple is reportedly in the process of issuing a fresh iOS update (iOS 12.4.1) in the next few days, so users are advised to hold off updating until then.

Security scares for Apple are rare but have been becoming more common of late as the popularity of their devices makes them an increasingly attractive target for hackers.

This time last year Apple’s main computer network was hacked by an Australian teenager who managed to download 90GB of files and accessed customer accounts.

Just prior to that Apple had dismissed claims by a security researcher, who had said he had discovered a way to gain a brute-force entry into an iPhone.

iBoot scare

Also in 2018 Apple was embroiled in a serious security scare after the source code for iBoot was anonymously posted on GitHub.

Unfortunately, iBoot is a critical component of the iPad and iPhone’s operating system. Hackers and security researchers could use it to find vulnerabilities in the iOS operating system or make jailbreaking iOS devices easier.

The discovery of the iBoot source code on GitHub was first noticed by security website Motherboard. Apple quickly filed a copyright takedown request with GitHub to force the company to remove the code.

It later emerged that the original leaker was an Apple intern who shared the source code for iBoot with his friends.

Unfortunately, his friends then shared it with others, and it was from there that the source code was posted online.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

2 days ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 days ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

3 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

3 days ago