Apple recently seeded a new update of its latest operating system – the all-new iOS 12.1. This operating system update brings a lot of performance improvements, features and also fixes a large number of vulnerabilities that were present in older versions.
Table of Contents
iOS 12.1 security content explained
Most of the vulnerabilities corrected with this new update pertain to FaceTime, Apple’s video call application.
FaceTime had several security flaws that allowed attackers to execute code in the devices by means of a malicious video, memory corruption, or arbitrary code execution.
Other messaging applications, such as iMessage or VoiceOver, were also affected by several different vulnerabilities.
Another security bug fixed in the stock iOS Contacts app could allow an attacker to generate a denial of service attack on the system using a maliciously crafted vcf file.
Safari web browser, as well as WebKit (Safari’s web engine), have also been affected by quite a few vulnerabilities.
The iOS kernel has also received several important patches to close some security flaws and make it safer. Several drivers, such as graphics, have also received security patches.
Several failures were also detected in components and tools related to encryption, such as CoreCrypto, IPSec and in S/MIME signed messages. Interestingly, Team Pangu is also credited for a memory corruption bug in IOHIDFamily.
In addition to iOS, the other operating systems of Apple, such as watchOS, tvOS and, above all, macOS, have also received patches and security updates, so you must update these devices as soon as possible to stay completely protected from these vulnerabilities.
Lock screen bypass bug still remains unpatched
Despite Apple’s security patches, a YouTube user was able to detect a new lock screen bypass bug that could easily allow a hacker to access private contact information of the user with the iPhone locked.
Since iOS doesn’t prompt the user to enter the passcode while trying to access user data through FaceTime, even a kid can access your contact data.
At the moment, Apple has not released any statement about this security failure, so we do not know when the company will fix it. Hopefully, the upcoming iOS 12.2 build will be able to successfully patch it.
As of right now, the only thing you can do to keep your device safe is keep a tab on anyone who has access to your smartphone.