iPhone users at risk of data theft, should update now
Cybersecurity experts are sounding alarm bells over a possible security risk for iPhone users who are delaying an update. The threat, a malicious bug, can circumvent security measures meant to prevent unauthorized app access to user data. The problem has been fixed in Apple's iOS 18 update, released in September. However, many users are deliberately shunning the update over Apple Intelligence, the company's first AI program.
Bug compromises iPhone's TCC subsystem
The bug in question endangers the transparency, consent, and control (TCC) subsystem of an iPhone. This could potentially give hackers a way to access sensitive data through an app without the user being alerted. The bug stops the TCC from notifying users when an app tries to access data like photos or location. This security flaw has been listed in the National Vulnerability Database in the US.
Data breach occurs without leaving any trace
The exploitation of this bug happens without leaving behind any trace of the data accessed, which is a major threat to user privacy and data security as a whole. Researchers looking into the matter have warned that this is especially alarming. They also observed an added security risk as hackers are now targeting both data and intellectual property that can be accessed from multiple locations.
Delayed updates increase risk of data theft
Michael Covington, Vice President of Strategy at software company Jamf, has warned the longer users delay updating their devices, the more they expose themselves to risk. He stressed as awareness about this harmful bug spreads among the public, it also reaches more potential hackers. "Applying critical patches as soon as they are published helps to thwart attackers looking to target victims through the latest vulnerabilities," Covington advised.
