Apple Patch Reopens Security Vulnerability

Users of the Apple iPhone are being urged not to install the latest iOS update, as the new operating system accidentally reopens a previously patch flaw.

The flaw is so seriously that if it is exploited, it could allow hackers to gain complete control of an iPhone or iPad.

It comes after Apple last month released iOS 12.4, which fixed a number of a bug and also switched on support for the Apple Card (Apple’s credit card). But unfortunately it seems that Apple also reopened a flaw that it had fixed in iOS 12.3 in April.

Apple Patch

That vulnerability had been found by Google’s bug-hunting team Project Zero, which could potentially allow a malicious application to execute arbitrary code with system privileges (essentially to jailbreak or gain complete control of an iPad or iPhone).

Apple is reportedly in the process of issuing a fresh iOS update (iOS 12.4.1) in the next few days, so users are advised to hold off updating until then.

Security scares for Apple are rare but have been becoming more common of late as the popularity of their devices makes them an increasingly attractive target for hackers.

This time last year Apple’s main computer network was hacked by an Australian teenager who managed to download 90GB of files and accessed customer accounts.

Just prior to that Apple had dismissed claims by a security researcher, who had said he had discovered a way to gain a brute-force entry into an iPhone.

iBoot scare

Also in 2018 Apple was embroiled in a serious security scare after the source code for iBoot was anonymously posted on GitHub.

Unfortunately, iBoot is a critical component of the iPad and iPhone’s operating system. Hackers and security researchers could use it to find vulnerabilities in the iOS operating system or make jailbreaking iOS devices easier.

The discovery of the iBoot source code on GitHub was first noticed by security website Motherboard. Apple quickly filed a copyright takedown request with GitHub to force the company to remove the code.

It later emerged that the original leaker was an Apple intern who shared the source code for iBoot with his friends.

Unfortunately, his friends then shared it with others, and it was from there that the source code was posted online.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple Slashes iPhone Prices In China

Amid intense competition from Huawei and others, Apple has again slashed the price of its…

3 hours ago

Bitcoin ‘Creator’ Craig Wright Repeatedly Lied, Rules UK Judge

Damning ruling by British judge, after he rules that self-proclaimed bitcoin inventor lied 'repeatedly' to…

3 hours ago

Julian Assange Granted Right To Challenge US Extradiction Order

High Court rules Wikileaks founder Julian Assange can appeal against extradition to the US, despite…

5 hours ago

Tesla Layoffs Continue With Another 600 Jobs In California

Regulatory filing last week shows Elon Musk's Tesla is cutting another 600 jobs in California,…

6 hours ago

UK Regulator Declines To Investigate Microsoft’s Mistral AI Deal

Weeks after seeking feedback on Microsoft's partnership with Mistral AI, UK regulator says it does…

9 hours ago

UK AI Safety Institute To Open Office In US

Seeking collaboration on AI regulation, UK's AI Safety Institute to cross Atlantic and will open…

10 hours ago