News

iOS 15 Patched Security Hole That Could Have Exposed Users’ Private Apple ID Information to Third-Party Apps

Apple has revealed in a recent support document update that the release of iOS 15 patched two significant security vulnerabilities that could have exposed users’ private Apple ID information and in-app search history to third-party apps. The update also fixed a bug that allowed apps to override the user’s privacy preferences.

Apple says the September 2021 debut of iOS 15 and iPadOS 15 brought “additional sandbox restrictions on third-party applications” as a patch, and Apple credits developer Steve Troughton-Smith for his assistance in finding and patching the vulnerability.

Impact: A malicious application may be able to access some of the user’s Apple ID information, or recent in-app search terms
Description: An access issue was addressed with additional sandbox restrictions on third-party applications.
CVE-2021-30898: Steven Troughton-Smith of High Caffeine Content (@stroughtonsmith)
Entry added January 19, 2022

iOS 15, iPadOS 15, and watchOS 8.0 also patched a security hole that allowed a third-party app to bypass Privacy preferences.

Apple also updated its security content pages for iOS 15.1iOS 14tvOS 15tvOS 15.1macOS Big Sur 11.6.1macOS Big Sur 11.6, and more with newly disclosed security vulnerabilities for each of the updates.

(Via MacRumors)

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.