Apple Patch Reopens Security Vulnerability

Users of the Apple iPhone are being urged not to install the latest iOS update, as the new operating system accidentally reopens a previously patch flaw.

The flaw is so seriously that if it is exploited, it could allow hackers to gain complete control of an iPhone or iPad.

It comes after Apple last month released iOS 12.4, which fixed a number of a bug and also switched on support for the Apple Card (Apple’s credit card). But unfortunately it seems that Apple also reopened a flaw that it had fixed in iOS 12.3 in April.

Apple Patch

That vulnerability had been found by Google’s bug-hunting team Project Zero, which could potentially allow a malicious application to execute arbitrary code with system privileges (essentially to jailbreak or gain complete control of an iPad or iPhone).

Apple is reportedly in the process of issuing a fresh iOS update (iOS 12.4.1) in the next few days, so users are advised to hold off updating until then.

Security scares for Apple are rare but have been becoming more common of late as the popularity of their devices makes them an increasingly attractive target for hackers.

This time last year Apple’s main computer network was hacked by an Australian teenager who managed to download 90GB of files and accessed customer accounts.

Just prior to that Apple had dismissed claims by a security researcher, who had said he had discovered a way to gain a brute-force entry into an iPhone.

iBoot scare

Also in 2018 Apple was embroiled in a serious security scare after the source code for iBoot was anonymously posted on GitHub.

Unfortunately, iBoot is a critical component of the iPad and iPhone’s operating system. Hackers and security researchers could use it to find vulnerabilities in the iOS operating system or make jailbreaking iOS devices easier.

The discovery of the iBoot source code on GitHub was first noticed by security website Motherboard. Apple quickly filed a copyright takedown request with GitHub to force the company to remove the code.

It later emerged that the original leaker was an Apple intern who shared the source code for iBoot with his friends.

Unfortunately, his friends then shared it with others, and it was from there that the source code was posted online.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Microsoft Executive Indicates Departmental Hiring Slowdown

Amid concern at the state of the global economy, a senior Microsoft executive tells staff…

2 days ago

Shareholders Sue Twitter, Elon Musk For Stock ‘Manipulation’

Disgruntled shareholders are now suing both Twitter and Elon Musk, over volatile share price swings…

2 days ago

Google Faces Second UK Probe Over Ad Practices

UK's competition watchdog launches second investigation of Google's ad tech practices, and whether it may…

2 days ago

Elon Musk Raises His Contribution To Twitter Acquisition

But one of Elon Musk's biggest backers on the Twitter board has tendered his resignation…

3 days ago

Broadcom Confirms VMware Acquisition For $61 Billion

Entry into cloud infrastructure software for US chip firm Broadcom after it confirms reports it…

3 days ago