Apple Fixes iOS 11.2 Homekit Vulnerability

Ivan Schwartz
December 9, 2017

A HomeKit vulnerability was found in the current version of iOS 11.2 that gave unauthorised access to connected smart devices like smart locks and garage door openers. It describes the bug as "difficult to reproduce", but said that it potentially "allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs". Still, it was unsafe.

The vulnerability, disclosed to 9to5Mac, required at least one iPad, iPhone or iPod Touch running the latest software version iOS 11.2 to have connected to the iCloud account associated with the HomeKit system.

Users who were affected don't need to take any action to secure their devices as Apple has already implemented a server side update, which has fixed the problem. However, "The fix temporarily disables remote access to shared users, which will be restored in a software update early next week", an Apple spokesperson said. The company rushed out a fix for the security bug, which then broke the file sharing system, which itself needed fixing in a later software update.

March 31 new deadline for Aadhaar linking
On earlier occasions too, the court has extended the deadline for Aadhaar linkage from time to time. The Supreme Court today agreed to list the case relating to Aadhaar for interim relief.

Roy Moore's accuser admits she 'added notes' to yearbook
When she first made the allegations and presented the yearbook, Nelson made no references to any notes she added later. Jauregui said he has known Moore for more than 24 years and has never witnessed Moore acting "remotely inappropriate".

Seoul Slams China Daily Article on Korean Emergency
The five-day drill is meant to improve the allies' wartime capabilities and preparedness, South Korea's defense ministry said. The ultimate U.S. goal is to denuclearize North Korea - and deliberate escalation may be part of that.

Bugs do happen and IoT gadgets like smart locks definitely aren't immune to them, but it appears Apple has really dropped the ball recently when it comes to the security of their products. The flaw was first spotted by 9to5Mac, which was later confirmed by Apple. But it raised concerns about smart home functionality as users connect more devices to ecosystem such as HomeKit, Alexa, and others.

However this is only temporary as Apple does plan on fixing the vulnerability permanently in future software updates, but in the meantime hopefully the temporary fix will prevent any unwanted consequences.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER