Apple rapidly squashes iOS 11.2 HomeKit bug

The bug allowed unauthorised access to smart locks and other devices

A HomeKit vulnerability was found in the current version of iOS 11.2 that gave unauthorised access to connected smart devices like smart locks and garage door openers.

The vulnerability was demonstrated to 9to5Mac which kept its detail under wraps in order to prevent oportunistic hackers from exploting the security hole.

The report stressed that the issue was not with the accessories themselves but with the HomeKit framework as a whole which connects smart products from different companies.

It allowed third-party remote control of these HomeKit connected accessories, such as lights and thermostats as well as the more serious devices like locks and door openers, posing a potentially serious security problem.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The bug affected those with at least one device on the iOS 11.2 connected to a HomeKit user's iCloud account, while those with earlier operating systems were not affected.

Users who were affected don't need to take any action to secure their devices as Apple has already implemented a server side update, which has fixed the problem. However, the fix does disable some of the HomeKit functionality for remote users, although the disruption to the service's functionality will be fixed in the future iOS update.

"The rush to make every home device smart turns out to be a stupid decision as we learn about more and more vulnerabilities in IoT devices. As it stands right now, there's no liability for companies building insecure devices so we'll continue to see the market flooded with cheap "smart" devices. Owners need to be vigilant in monitoring for device updates if they choose to deploy these in their own homes," senior security researcher at Cylance, Jeff Tang, told IT Pro.

Such a security hole demonstrates how the spread of more smart and connected devices in the consumer and business technology world, thanks to the continued growth of the internet of things (IoT), can inject more potential cyber attack vectors into home and office networks.

As such, there is more work that needs to be done to mitigate these risks and establish standards of cyber security in the IoT world before it grows out of control.

Picture courtesy of Apple

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/business-strategy/33311/apple-launches-new-tv-gaming-and-finance-services
Business strategy

Apple launches new TV, gaming and finance services

25 Mar 2019
Visit/hardware/laptops/354509/apple-macbook-pro-16in-review-a-little-bigger-a-lot-better
Laptops

Apple MacBook Pro 16in review: A little bigger, a lot better

10 Jan 2020
Visit/mobile/23617/the-best-smartphones-to-buy
Mobile

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019
Visit/hardware/354336/the-it-pro-products-of-the-year-2019-all-the-years-best-hardware
Hardware

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020