Don’t Trust iOS Updates After 11.0.3? You Need to Install iOS 11.1 ASAP As It Fixes KRACK & Other Flaws
Apple released iOS 11.1 to iPhone, iPad and iPod touch yesterday. While the release may have focused on bringing 70 new emojis to users, it also fixes some critical security flaws, notably the KRACK Wi-Fi vulnerability. The flaw had already been fixed by Google and Microsoft and now the Cupertino iPhone maker has also released a patch for this vulnerability.
Along with KRACK, Apple has fixed a number of other critical security flaws, including:
- An issue that enabled an app to execute code with kernel privileges.
- Attacker with physical access to the device could have accessed photos from the lock screen using Reply With Message feature (a problem that keeps coming back).
- Someone having physical access to an iOS devices could have used Siri to read notifications not set to be displayed on the lock screen.
- Malicious zip file was able to potentially modify restricted areas of the file system (iOS aint as bullet proof as we may want to believe).
- And a few other security issues.
While many of us wait a few days to make sure the newer versions are stable enough for daily use (since iOS 11.0.3 broke the experience for many), this is an extremely important update not only because it fixes a number of other flaws but also the critical KRACK vulnerability. [More on KRACK can be read in our earlier post]
The complete security bulletin is attached below with tracking numbers and teams/researchers responsible for discovery of the security vulnerabilities.
Impact: Processing a maliciously crafted text file may lead to an unexpected application termination
Description: A denial of service issue was addressed through improved memory handling.
CVE-2017-13849: Ro of SavSec
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13799: an anonymous researcher
Impact: A person with physical access to an iOS device may be able to access photos from the lock screen
Description: A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.
CVE-2017-13844: Miguel Alvarado of iDeviceHelp INC
Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen
Description: An issue existed with Siri permissions. This was addressed with improved permission checking.
CVE-2017-13805: an anonymous researcher
Impact: A malicious zip file may be able modify restricted areas of the file system
Description: A path handling issue was addressed with improved validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.
Impact: Characters in a secure text field might be revealed
Description: The characters in a secure text field were revealed during focus change events. This issue was addressed through improved state management.
CVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of Tech Mahindra, Ricardo Sampayo of Bemo Ltd
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2017-13784: Ivan Fratric of Google Project Zero
CVE-2017-13783: Ivan Fratric of Google Project Zero
CVE-2017-13785: Ivan Fratric of Google Project Zero
CVE-2017-13788: xisigr of Tencent's Xuanwu Lab (tencent.com)
CVE-2017-13802: Ivan Fratric of Google Project Zero
CVE-2017-13792: Ivan Fratric of Google Project Zero
CVE-2017-13795: Ivan Fratric of Google Project Zero
CVE-2017-13798: Ivan Fratric of Google Project Zero
CVE-2017-13796: Ivan Fratric of Google Project Zero
CVE-2017-13794: Ivan Fratric of Google Project Zero
CVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day Initiative
CVE-2017-13791: Ivan Fratric of Google Project Zero
CVE-2017-13803: chenqin (陈钦) of Ant-financial Light-Year Security
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven