AI fears are leaving Apple users exposed to data-stealing bug

AI fears are leaving Apple users exposed to data-stealing bug

Cybersecurity experts warn that waiting to update your iPhone could compromise highly sensitive data.

Put off the upgrade and you could be vulnerable to a harmful bug that can bypass safeguards protecting user data from unauthorized app access — a problem rectified by Apple’s iOS18 update, released in September.

Michael Covington, vice president of strategy at software company Jamf, told Forbes that many Apple users are deliberately not upgrading to the new operating system, due to widespread wariness of Apple Intelligence, the company’s first iPhone AI program.

Cyber experts warn there is a significant vulnerability in devices not upgraded to iOS18. Getty Images

Still, they’re running a risk by waiting.

The risk of not upgrading puts a phone’s transparency, consent, and control (TCC) subsystem at risk of being bypassed by an attacker.

The software bug can give hackers easy access to sensitive data. REUTERS

What that means for users is hackers could infiltrate sensitive data through an iPhone app and never be notified.

The bug, which overrides TCC from telling users an app is trying to access things like photo and location data, was listed in the National Vulnerability Database.

“Alarmingly, this exploitation occurs without leaving any trace of the data accessed, posing a threat to user privacy and overall data security,” researchers looking into the problem warned, according to Forbes.

Cyber experts fear that the bug reflects a more significant issue, making it easier for hackers to steal data. Getty Images

They also highlighted a larger security concern as hackers now “focus on data and intellectual property that can be accessed from multiple locations.”

Covington warns that the longer users wait to upgrade, the longer they are at risk. As the public is being made aware of the harmful bug, so are more hackers.

“Applying critical patches as soon as they are published helps to thwart attackers looking to target victims through the latest vulnerabilities,” he said.



Source link

decioalmeida

Leave a Reply

Your email address will not be published. Required fields are marked *