Apple releases iOS 15.2.1 to patch a critical HomeKit DDoS vulnerability

Igor Bonifacic

Apple has launched iOS , its newest software program replace for latest iPhone and iPad gadgets. The patch addresses a vulnerability discovered throughout the firm’s HomeKit protocol for connecting disparate sensible dwelling gadgets. The bug allowed malicious people to power an iPhone or iPad to repeatedly crash and freeze by altering the identify of a HomeKit-compatible system to incorporate greater than 500,000 characters. Since iOS backs up HomeKit system names to iCloud, it was doable for iOS customers to get caught in an infinite loop of crashes.

Safety researcher found the vulnerability and publicly disclosed it on January 1st. In accordance with Spiniolas, he knowledgeable Apple of the bug again in August. The corporate had reportedly deliberate to handle the vulnerability earlier than the tip of 2022 however later delayed a repair to early 2022. “I imagine this bug is being dealt with inappropriately because it poses a critical threat to customers and lots of months have handed and not using a complete repair,” Spiniolas stated on the time.

Spiniolas discovered that the vulnerability is current inside Apple’s cell working system way back to iOS 14.7, however stated he believes it exists in all variations of iOS 14. In different phrases, in case you’ve been holding off on putting in iOS 15, now’s the time to replace your Apple gadgets.

All merchandise really helpful by Engadget are chosen by our editorial staff, unbiased of our dad or mum firm. A few of our tales embrace affiliate hyperlinks. In case you purchase one thing by way of certainly one of these hyperlinks, we might earn an affiliate fee.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts