Apple has fastened a years-old vulnerability in its iPhone and iPad software program that undermined a privateness function because it first debuted.
Again in 2020, Apple introduced a brand new function in iOS 14 that might stop close by wi-fi routers and entry factors from gathering an Apple gadget’s distinctive MAC tackle.
Monitoring MAC addresses can have reputable makes use of, like permitting directors to determine each gadget linked to their networks, resembling unauthorized units. However understanding a tool’s MAC addresses can be utilized for monitoring that gadget throughout completely different networks.
Quite than sharing the gadget’s distinctive MAC tackle, the iOS function would use a unique “personal tackle” for every community.
However it seems that this function hasn’t labored as supposed because it was first launched, in response to security researchers Tommy Mysk and Talal Haj Bakry, who found a flaw that prevented the privateness function from correctly working.
In a video printed this week, Mysk defined that whereas iOS has changed the gadget’s actual MAC tackle with a randomly generated tackle for every community, the gadget’s software program additionally included the actual MAC tackle within the AirPlay discovery requests that an iPhone sends when it joins a community. These actual MAC addresses have been then broadcast to each different linked gadget on the community.
“There is no such thing as a option to stop iPhones and iPads from sending AirPlay discovery requests, even when linked to a VPN,” Mysk stated. “Apple’s units do that to find AirPlay-capable units within the community.”
Mysk confirmed to information.killnetswitch that iPhones and iPads stored sending these requests even when the consumer enabled Lockdown Mode, an opt-in function designed to guard in opposition to extremely focused cyberattacks.
Apple this week fastened the vulnerability, tracked as CVE-2023-42846, with the discharge of iOS 17.1 and iOS 16.7.2 for older units that may run iOS 16. As Mysk famous, units working iOS 14 or iOS 15 stay susceptible.
Apple has not disclosed the severity of the bug, however Mysk notes that the vulnerability ranking rating system classifies the vulnerability as “excessive.”
Apple spokesperson Scott Radcliffe declined to reply information.killnetswitch’s questions.
Apple this week fastened a number of different vulnerabilities with iOS 17.1, together with a flaw which will have allowed an attacker to entry passkeys with out authentication, and a Siri bug that might have uncovered delicate information to a hacker with bodily entry to a tool.
