IPhone Password Bug: Urgent Update Needed to Protect Your Data

IPhone Password Bug: Urgent Update Needed to Protect Your Data

December 15, 2024 Catherine Williams - Chief Editor Business

Urgent iPhone Update:‍ Security Bug Could ‍Leak Your Passwords

Apple users are urged to update ‍their devices promptly to⁣ patch a security flaw that could expose​ sensitive⁢ login details.

The vulnerability, discovered in the new “Passwords” app introduced with iOS 18, allowed malicious​ networks to perhaps ⁢intercept ‍and⁢ steal passwords.‍

The app, designed to conveniently store and autofill‍ login credentials, was using unencrypted HTTP (Hypertext Transfer Protocol) to download icons for password entries. this meant that data transmitted between the app and the internet was not protected, ⁤leaving it susceptible to ⁤interception.

“Since iOS 18 launched, the new Passwords app has been using unencrypted HTTP to download⁢ icons for password entries – a potential security risk,” explained security researcher Tommy Mysk, ⁣who first identified the bug.

Mysk‌ reported​ the issue to Apple⁣ in September, and the tech giant has since released a fix in ‌iOS 18.2.​ The ⁣update now uses HTTPS, a secure protocol ⁤that‍ encrypts⁤ data transmission, ⁢effectively eliminating​ the vulnerability.

Apple confirmed the fix,‍ stating: ⁢ “This⁣ issue was addressed by using HTTPS when sending⁢ information over the network.”

iPhone ​owners are strongly ‌advised to update their devices‍ to‌ iOS​ 18.2 quickly to ensure their passwords remain secure.

A glitch was detected with an Apple app ​introduced through iOS 18
A glitch was detected with an ‍Apple app introduced through iOS 18. Credit: Getty

​ Apple Passwords App Bug Could Have Exposed User Logins: An ‌Expert Weighs In ‌

NewsDiretory3.com: A recently discovered security flaw in ‍Apple’s ⁣new “Passwords” app has raised concerns about the security of user login ‍credentials. We spoke with‍ security researcher Tommy mysk,⁣ who first identified the vulnerability, to⁢ understand ⁢the risks and the steps ​users should take.

NewsDirectory3.com: ⁤ ⁣ can you explain ‌the‍ specific vulnerability you found in the Passwords app?

Tommy mysk: The Passwords app, designed to securely​ store and autofill logins, was using unencrypted ​HTTP to download icons for password entries. This meant that data transmitted between the app⁤ and the internet wasn’t protected, leaving it open to interception by malicious networks.

NewsDirectory3.com: ‍ What ⁢kind of information ⁤could‌ have been compromised through this vulnerability?

Tommy Mysk: Essentially, any passwords‌ stored within the app could have been at risk. while the ⁣vulnerability didn’t directly expose the passwords themselves, attackers could ⁣have potentially intercepted ⁤them as they were being⁣ transmitted during ⁤the icon download process.

NewsDirectory3.com: How did Apple respond to your⁣ finding?

Tommy Mysk: I reported the issue to apple in​ September, and they were rapid to⁣ address it. ⁤The ‍fix was included in‌ the iOS 18.2 update, which now uses HTTPS, a secure protocol that encrypts data transmission.

NewsDirectory3.com: What’s your advice to iPhone ​users now?

Tommy Mysk: It’s crucial ​for all⁤ iPhone‌ users to update their devices​ to iOS 18.2 as soon as possible. This update eliminates the vulnerability and ⁣ensures that your passwords are protected.

, ,