Apple Fixes iOS 11.2 Homekit Vulnerability

Ivan Schwartz
December 9, 2017

A HomeKit vulnerability was found in the current version of iOS 11.2 that gave unauthorised access to connected smart devices like smart locks and garage door openers. It describes the bug as "difficult to reproduce", but said that it potentially "allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs". Still, it was unsafe.

The vulnerability, disclosed to 9to5Mac, required at least one iPad, iPhone or iPod Touch running the latest software version iOS 11.2 to have connected to the iCloud account associated with the HomeKit system.

Users who were affected don't need to take any action to secure their devices as Apple has already implemented a server side update, which has fixed the problem. However, "The fix temporarily disables remote access to shared users, which will be restored in a software update early next week", an Apple spokesperson said. The company rushed out a fix for the security bug, which then broke the file sharing system, which itself needed fixing in a later software update.

Bryan Singer denies allegation that he raped a 17-year-old boy
BS was recently fired as director of Queen biopic Bohemian Rhapsody because he was "unexpectedly unavailable" for several days. Director Bryan Singer attends a press conference for the film "X-Men: Apocalypse" in Beijing, capital of China, May 18, 2016.

Special Counsel Mueller produces evidence that Manafort drafted op-ed
Manafort ultimately never published the opinion piece, after prosecutors reached out to his attorneys to alert them, they said in the filing.

YouTube Prankster Cements Head Into Microwave
The prankster, named Jay Swingler, had been filming the stunt for his 3 million subscribers on the YouTube channel TGFbro. Taking apart the microwave oven was tricky as most parts of the appliance were welded together.

Bugs do happen and IoT gadgets like smart locks definitely aren't immune to them, but it appears Apple has really dropped the ball recently when it comes to the security of their products. The flaw was first spotted by 9to5Mac, which was later confirmed by Apple. But it raised concerns about smart home functionality as users connect more devices to ecosystem such as HomeKit, Alexa, and others.

However this is only temporary as Apple does plan on fixing the vulnerability permanently in future software updates, but in the meantime hopefully the temporary fix will prevent any unwanted consequences.

Other reports by GizPress

Discuss This Article