News

iOS bug puts 1.4 billion iPhone and iPad users at risk

Before we get started

After spending over 20 years working with Macs, both old and new, theres a tool I think would be useful to every Mac owner who is experiencing performance issues.

CleanMyMac is highest rated all-round cleaning app for the Mac, it can quickly diagnose and solve a whole plethora of common (but sometimes tedious to fix) issues at the click of a button. It also just happens to resolve many of the issues covered in the speed up section of this site, so Download CleanMyMac to get your Mac back up to speed today.

mac-pc

Apple is not having a good week. Shortly after the company’s aggressive battery practices were revealed and Face ID was hacked, something emerged that should concern every iPhone and iPad user.

Security company Check Point has discovered that there is a way to hack all iPhones and iPads, from those running iOS 8 to those running the beta version of iOS 13. As many as 1.4 billion devices might be affected.

What Check Point found is that the very popular SQLite database could be used to exploit the Contacts app integrated into iOS so that a simple search for a contact can fool someone’s iPhone or iPad into running hostile code capable of stealing passwords and other user data.

The crucial question now is why the Contacts app vulnerability exists in the first place. It capitalises on a known bug that Apple has failed to fix for four years. Apparently, the Cupertino-based firm made the mistake of regarding the issue as insignificant. Apple believed that the bug could only be triggered when an unknown app accesses the database – and in iOS, there are, of course, no unknown apps.



The Check Point team, however, used the trusted and seemingly innocuous old Contacts app to send the malicious code that triggered the bug. For now, most iPhone and iPad users are not at high risk: a hacker will first have to access your unlocked iPad or iPhone before running the code, but someone with ill intentions might well find a way around that very soon.

In July, six bugs were discovered in iMessage that enabled hackers to access your private data from anywhere – and one of them has not been patched yet.

Apple might soon fix this particular bug, but what about those that nobody has discovered yet?

Tags

About the author

Chris

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.