Apple just patched up two significant security holes that could allow third-party apps to see private Apple ID information.
In a recent support document update, Apple confirmed that iOS 15 helped patch up two security vulnerabilities that could have potentially revealed a user’s Apple ID information as well as in-app search history to malicious third-party apps.
These apps also could override a user’s Privacy preferences.
The report came to light in September and introduced sandbox restrictions on third-party apps for both iOS and iPadOS 15.
50% off Kaspersky Internet Security
Protect your browsing, shopping, chats & data across your PC, Mac & Android devices. Get award-winning antivirus plus a range of tools built to guard your private life and identity. Now 50% off from just £17.49 per year
- 50% off
- £17.49 per year
In addition, watchOS 8.0 was patched, as there was a security exploit that allowed third-party applications to sometimes bypass the Privacy preferences set by the user.
Apple has not offered any indication that either the iOS, iPadOS or watchOS exploits have been used in the wild, so it’s unlikely that specific users will ever discover if they were ever affected.
Each update revealed newly discovered security vulnerabilities, so users can see what changes have been made.
Apple has claimed that 72% of iPhones released in the last four years have downloaded iOS 15, which is considerably lower than the download rate of iOS 14, which was installed on over 80% of iPhones.
The slower onboarding of iOS 15 will leave more users vulnerable to security holes and breaches, which is why it’s important that any Apple users ensure that they are operating on the latest versions of iOS, iPadOS, watchOS, macOS and tvOS.
Apple is also pushing users to upgrade to iOS 15 rather than iOS 14, which is why there is no longer an option to continue receiving iOS 14 security updates.