Apple yesterday released iOS 10.3 for the iPhone and iPad, an update that brought with it a number of interesting new features, including a new “Find My AirPods” feature and a brand new file system dubbed APFS (complete with full disk encryption) that Apple originally introduced at WWDC last year.
Lurking beneath the surface of iOS 10.3, however, are a number of important security updates worth highlighting. iOS has always been a rather robust OS, but as the recent CIA leak from Wikileaks demonstrates, there are always hackers and government agencies dead set on unearthing and exploiting iOS security holes.
As a prime example, iOS 10.3 fixes a Safari security vulnerability that allowed hackers to prevent affected users from browsing the web (via an endless stream of pop-ups) without ponying up some cash in the form of an iTunes gift card code.
Lookout, the security firm which first discovered the attack a few weeks ago, writes of the patch:
Lookout found this attack in the wild last month, along with several related websites used in the campaign, discovered the root cause, and shared the details with Apple. As part of the iOS 10.3 patch released today, Apple closed the attack vector by changing how Mobile Safari handles website pop-up dialogs, making them per-tab rather than taking over the entire app.
All told, iOS 10.3 introduces hundreds of security fixes, a tally which makes iOS 10.3 an update you’d be well advised to download sooner rather than later. While some of the fixes are rather obscure, a good number of them address exploits that allow for arbitrary code execution with root privileges.
iOS 10.3 fixes a nasty Safari bug and includes hundreds of other security fixes
Moderators: Lily Lee, jc_3u, Moderators
-
Jacob Black
- Posts: 248
- Joined: 27 Jul 2016 14:51
- like: 70
iOS 10.3 fixes a nasty Safari bug and includes hundreds of other security fixes
You do not have the required permissions to view the files attached to this post.