Apple quickly works to patch HomeKit vulnerability in iOS 11.2 | iLounge News


Apple quickly works to patch HomeKit vulnerability in iOS 11.2

Apple has quickly closed the door on a HomeKit vulnerability introduced in iOS 11.2, 9to5Mac reports. The security flaw, demonstrated privately to 9to5Mac, allowed “unauthorized control of accessories including smart locks and garage door openers.” The report does not describe the vulnerability in detail and adds that it “was difficult to reproduce” but that it did allow access to pretty much any HomeKit-connected accessory once at least one iOS 11.2 device was connected to a HomeKit users’s iCloud account. Apple has apparently rolled out a server-side fix immediately that closes the hole and temporarily disables remote access to shared users; an iOS update is expected next week that will properly fix the problem and restore remote shared access.


Related Stories

Subscribe to iLounge Weekly

Sign up for the iLounge Weekly Newsletter

iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond.
iPod, iPhone, iPad, iTunes, Apple TV, Mac, and the Apple logo are trademarks of Apple Inc.
iLounge is © 2001 - 2018 iLounge, Inc. All Rights Reserved. Terms of Use | Privacy Policy