- Регистрация
- 17 Февраль 2018
- Сообщения
- 35 030
- Лучшие ответы
- 0
- Баллы
- 2 093
Offline
Apple released iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 today to address a zero-day exploit that might allow attackers to access data on a locked device.
The update patches the OS against an attack on USB Restricted Mode, which Apple first implemented in devices with the release of iOS 11.4.1 in 2018, to prevent attempts to bypass device passcodes and get around the encryption safeguards that protect user’s data. According to Apple, the exploit reported by Bill Marczak of The Citizen Lab “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
Apple has patched flaws in USB Restricted Mode before, and in iOS 18, it added a new “inactivity reboot” that would restart unused devices after a few days so that they require a passcode for access. Today, it also issued new updates for the Mac, Apple Watch, and Vision Pro platforms but has not yet released any security notes to go along with those.
Apple’s details about the new update:
iOS 18.3.1 and iPadOS 18.3.1
Released February 10, 2025
Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
Impact: A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Description: An authorization issue was addressed with improved state management.
