Apple has finally addressed an iOS exploit that surfaced last October when a teenager demonstrated the potential damage the vulnerability could do and put a police department “in immediate danger of losing service” to its 911 center. The security hole made iOS devices vulnerable to Javascript that could allow others to remotely open apps and make phone calls.
Although the teen was eventually arrested and charged with computer tampering, it’s taken Apple several months to finally address the issue. According to Apple, iOS 10.3 includes a simple fix to the problem. The source of the issue, they say, was a feature that allowed users to click on a phone number and immediately initiate a call. After the update, users will now have to press a second confirmation before initiating a call. Cybersecurity experts had already explained how dangerous the vulnerability could be over a month ago, saying that individuals or groups could use it to “damage or disable 911 systems during an attack.”
iOS 10.3 came out earlier this week, adding security improvements, improved app transition animation speed, weather in Maps, a detailed Apple ID profile section, and a new file system that uses Apple File System (APFS) instead of HFS+. This file system supports tougher encryption and means files can be accessed more quickly.