Apple Fixes a Bunch of Security Flaws with iOS 11.3, Including a Bug That Allows Apps to Log Keystrokes

Mar 29, 2018

Apple has today released iOS 11.3 to iPhone, iPad and iPod touch. Among other features, today’s update brings battery controls for users. But features aside, the company has also fixed several security issues, including a bug that enabled malicious apps to gain elevated privileges.

The company has addressed another critical security issue with iOS 11.3, where an attacker with physical access to the device could disable Find My iPhone without having to enter an iCloud password. Other notable bugs that have been addressed include:


  • A problem where a malicious app may be able to execute arbitrary code with kernel privileges
  • A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction
  • Visiting a malicious website may lead to user interface spoofing
  • A remote attacker could cause a device to unexpectedly restart
  • Processing maliciously crafted web content may lead to a denial of service
  • An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled

Here are all the details of iOS 11.3 security patches:

Clock

Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes

Description: An information disclosure issue existed in the handling of alarms and timers. This issue was addressed through improved access restrictions.

CoreFoundation

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

CoreText

Impact: Processing a maliciously crafted string may lead to a denial of service

Description: A denial of service issue was addressed through improved memory handling.

File System Events

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

Files Widget

Impact: File Widget may display contents on a locked device

Description: The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management.

Find My iPhone

Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password

Description: A state management issue existed when restoring from a backup. This issue was addressed through improved state checking during restore.

iCloud Drive

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

Kernel

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple memory corruption issues were addressed with improved memory handling.

Kernel

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

Kernel

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

Mail

Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail

Description: An inconsistent user interface issue was addressed with improved state management.

NSURLSession

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

PluginKit

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

Quick Look

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

Safari

Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing

Description: An inconsistent user interface issue was addressed with improved state management.

Safari Login AutoFill

Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction.

Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed through improved autofill heuristics.

SafariViewController

Impact: Visiting a malicious website may lead to user interface spoofing

Description: A state management issue was addressed by disabling text input until the destination page loads.

Security

Impact: A malicious application may be able to elevate privileges

Description: A buffer overflow was addressed with improved size validation.

Storage

Impact: An application may be able to gain elevated privileges

Description: A race condition was addressed with additional validation.

System Preferences

Impact: A configuration profile may incorrectly remain in effect after removal

Description: An issue existed in CFPreferences. This issue was addressed through improved preferences cleanup.

Telephony

Impact: A remote attacker can cause a device to unexpectedly restart

Description: A null pointer dereference issue existed when handling Class 0 SMS messages. This issue was addressed through improved message validation.

Web App

Impact: Cookies may unexpectedly persist in web app

Description: A cookie management issue was addressed through improved state management.

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved memory handling.

WebKit

Impact: Unexpected interaction with indexing types causing an ASSERT failure

Description: An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed through improved checks.

WebKit

Impact: Processing maliciously crafted web content may lead to a denial of service

Description: A memory corruption issue was addressed through improved input validation.

WebKit

Impact: A malicious website may exfiltrate data cross-origin

Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation.

WindowServer

Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled

Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by improved state management.
