WhistleOut fast facts
- Trellix, a US cybersecurity firm, discovered that ForcedEntry, an iOS exploit, can be used to access other data and work around Apple security protocols.
- The discovered bugs have the ability for hackers to go through your messages, photos, location data, and call history.
- The security vulnerabilities “range from medium to high severity,” according to a Trellix press release.
- Apple worked with Trellix to address the bugs and security flaws in recent updates to macOS and iOS.
Earlier this week, on February 21, Austin Emmitt, a Senior Vulnerability Researcher with the Trellix Advanced Research Center, published a report detailing a “new privilege escalation bug class” discovered in macOS and iOS.
Of course, system bugs are a normal part of any operating system. Apple is well-regarded for its restrictions on software and emphasis on safety and security for all devices. The company is not, however, immune to bugs.
The privilege escalation bug Emmitt discovered is a bug that can gain access not just to superficial user data, but also to the core of the operating system with control over everything.
The bug was discovered by Trellix thanks to earlier work by Citizen Lab and Google Project Zero, which examined ForcedEntry, a security exploit that required no user action. (Apple released iOS 14.8, macOS Big Sur 11.6, and Security Update 2021-005 Catalina to counteract ForcedEntry.)
The newly discovered bug primarily impacts SpringBoard—the application runs the home screen, starts applications, and can access location data, photos, and the device’s camera. Apple launched a version of SpringBoard called Launchpad for Mac with Mac OS X Lion. SpringBoard can also wipe the device.
How do hackers get to SpringBoard? They use a process similar to ForcedEntry that allows them to execute code providing more access to the device. And although Apple updated protocols to stop ForcedEntry—primarily vulnerabilities around NSPredicate, a tool that can filter code—Trellix “discovered that these new mitigations could be bypassed.”
Trellix also released a video explaining how this process works. The video shows how the OS sends notifications and location data to attackers through SpringBoard.
Okay, so what does this all mean?
Hackers would require a foothold in your device’s system before exploiting these vulnerabilities. (ForcedEntry used a malicious PDF.)
Most of the data we presume to be safe is vulnerable to attack.
Researchers are always looking for bugs and exposing vulnerabilities. They can help companies release software patches that fix those problems.
Your device is still safe to use.
Finding bugs is a routine and essential part of device and app testing. In fact, for WhistleOut US, we reported a bug targeting Bluetooth devices and Siri on Apple devices last year.
The good news is that once bugs are detected, Apple quickly acts and releases security updates.
Have no fear: Trellix worked with Apple to address the security flaws. The cybersecurity firm reports that Apple addressed the issues in macOS 13.2 and iOS 16.3.
Users should always update their devices to ensure they run the most secure software and protect themselves and their data.
Join the more than 130,000 people who follow WhistleOut to find technology they love.
Find a better internet plan
Enter your address to find a match from internet providers.
Related Articles
Find Better Internet and Phone Plans
Hundreds of internet plans unpacked. All the facts. No surprises.
Find a better internet plan
Enter your address to find a match from internet providers.
Internet Providers by Provinces and Territories
- Internet in Alberta
- Internet in British Columbia
- Internet in Manitoba
- Internet in New Brunswick
- Internet in Newfoundland and Labrador
- Internet in Northwest Territories
- Internet in Nova Scotia
- Internet in Nunavut
- Internet in Ontario
- Internet in Prince Edward Island
- Internet in Quebec
- Internet in Saskatchewan
- Internet in Yukon Territory
