Thursday, November 14, 2024

iOS 18 introduces key security fixes

iOS 18 introduces many important security fixes.


iOS 18 introduces key security fixes

Apple’s iOS 18 and iPadOS 18 introduce a variety of different security improvements and fixes. Here’s what you need to know, and why you should consider updating right away.

On Monday, Apple released its latest operating systems, iOS 18 and iPadOS 18, making them finally available to the general public. While the updates themselves introduce an assortment of new features, they also contain many important security fixes.

As with every major iOS update, iOS 18 fixes core security issues related to different features and aspects of the operating system. Many of the fixes introduced on Monday prevent attackers, apps, and unauthorized users from gaining access to sensitive user information, such as contact details or photos.

iOS 18 introduces different Accessibility-related security fixes. These now-patched Accessibility-related vulnerabilities gave attackers with physical access to locked devices ways of accessing sensitive user data.

One of the aforementioned Accessibility vulnerabilities allowed attackers to use Siri as a means of gathering sensitive data, while another allowed attackers to control nearby devices through accessibility features. Both security issues were patched by Apple through “improved state management.”

An additional security issue made it possible for attackers to use Assistive Access to see recent photos without authentication. Apple resolved this Accessibility vulnerability with iOS 18 by restricting the options offered on a locked device.

The security fixes in iOS 18 that keep your data safe

Control Center received a fix for a security issue that allowed applications to record the screen without displaying the proper indicator in the status bar, meaning that users may not have been aware their screen was recorded. Apple fixed this security issue by using “improved checks.”

FileProvider and Game Center both had security issues that allowed apps to access sensitive user data. Apple addressed the FileProvider issue in iOS 18 by employing improved validation of symlinks and fixed Game Center’s file access issue with improved validation.

Two smartphone screens demonstrating Control Center features: arranging widgets in jiggle mode on the left and choosing controls on the right. Text: Control Center, Choose Controls, Third-party controls.

Control Center is upgraded and has been patched for known vulnerabilities

A privacy issue within the Mail application, discovered by Rodolphe Brunetti, meant that apps were able to access user contact information. Apple addressed this issue with “improved private data redaction for log entries.”

A Sandbox security issue, discovered by Csaba Fitzl of Offensive Security, allowed applications to leak sensitive user information. iOS 18 fixes this issue with the use of improved data protection. Similarly, a Transparency permissions issue allowed apps to access sensitive user data. Apple addressed this issue with additional restrictions.

iOS 18’s security features prevent denial-of-service attacks

Some of the now-patched vulnerabilities allowed bad actors to perform so-called denial-of-service or DoS attacks.

An issue with mDNSresponder meant that apps were able to cause a denial of service, while ImageIO and ModelI/O issues meant that processing an image could cause a denial of service. Remote attackers were also able to cause a denial of service through a previously unpatched cellular security issue.

iOS 18 resolves the mDNSResponder logic error through improved error handling, while the Cellular issue was addressed with improved state management. Improved bounds checking patched the ImageIO issue, while the ModelI/O security issue was handled by a third party, as it involves open-source software.

Safari received patches for two separate vulnerabilities, discovered by Kenneth Chew and Anamika Adhikari, which both allowed access to Private Browsing tabs without prior authentication. The two security issues were fixed by Apple in iOS 18 and iPadOS 18 through improved state management.

Two WebKit vulnerabilities related to malicious web content were also patched in iOS 18. One of the security issues allowed malicious websites to exfiltrate data cross-origin, while the other meant that processing maliciously crafted web content could lead to universal cross-site scripting. The latter was fixed through improved state management, while the former was resolved via “improved tracking of security origins.”

On a similar note, a libxml2 security issue meant that processing malicious web content could result in an unexpected process crash. For this issue, Apple addressed an integer overflow through improved input validation.

A WiFi-related security issue was patched with iOS 18 as well. The now-resolved security issue allowed attackers to force a device to disconnect from a secure network. Apple fixed this integrity issue with iOS 18 through “Beacon Protection.”

Mobile screen displaying Reader mode options with color choices, 'Listen to Page' and 'Hide Reader' buttons, and options for glyph size and action.

iOS 18 introduces a new Reader view for Safari, but it also adds some key security fixes.

Andrew Lytvynov informed Apple of a separate kernel-related logic issue, which allowed network traffic to leak outside a VPN tunnel. Apple fixed this logic issue through “improved checks.”

Similarly, a NetworkExtension issue allowed apps to gain unauthorized access to the devices’ Local Network. As with many other security issues in this list, Apple fixed this issue with improved state management.

Siri also received two important security fixes. One of them addresses a vulnerability that previously gave applications access to sensitive user information. The other fix prevents attackers with physical access from seeing the user’s contacts through the lock screen.

Bluetooth and other iOS 18 security fixes

Several researchers reported a kernel-related security issue, which gave apps unauthorized access to the Bluetooth feature. As with the previously mentioned vulnerabilities for Safari, the issue was resolved via “improved state management”.

Another Bluetooth-related issue allowed malicious Bluetooth input devices to bypass pairing. Improved state management fixes this issue in iOS 18.

UIKit received a security fix, which resolves a vulnerability that previously let attackers cause an unexpected app termination. Apple resolved this issue in iOS 18 by employing improved bounds checks.

The full list of security updates and fixes for iOS 18 and iPadOS 18 can be seen on Apple’s security website. Alongside the security fixes already mentioned, Apple also addressed various other issues related to IOSurfaceAccelerator, Notes, Printing, and more.

It’s important to always keep your operating system up-to-date, as Apple’s latest security fixes ensure that bad actors have a much more difficult time obtaining your private user data.

Related Articles

Latest Articles