{"id":25004,"date":"2024-07-31T06:10:07","date_gmt":"2024-07-31T14:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/07\/31\/news-18734\/"},"modified":"2024-07-31T06:10:07","modified_gmt":"2024-07-31T14:10:07","slug":"news-18734","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/07\/31\/news-18734\/","title":{"rendered":"Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now!"},"content":{"rendered":"\n

Apple has released security updates for many of its products in order to patch several vulnerabilities that could allow an attacker to steal sensitive information from a locked device.<\/p>\n

Included in the patches for Apple Watch, iOS, and iPadOS are four vulnerabilities in Siri. While your device is locked there are several voice-commands your digital assistant can process.<\/p>\n

Apple has restricted these options to stop an attacker with physical access from being able to access contacts from the lock screen and access other sensitive user data. Using Siri on a locked device has limitations to protect your privacy and security, and the digital assistant should only be able to perform tasks that do not require access to sensitive data locked behind the device\u2019s security systems, such as Face ID or a passcode.<\/p>\n

A similar vulnerability was also patched in the VoiceOver component in Apple Watch, iOS, iPadOS, and macOS Ventura. To check whether VoiceOver is on or off on your iPhone or iPad, you can check by looking at Settings > Accessibility > VoiceOver<\/strong>.<\/p>\n

To check if you\u2019re using the latest software version of iOS and iPadOS, go to Settings<\/strong> > General<\/strong> > Software Update<\/strong>. You want to be on iOS 17.6 or iPadOS 17.6, so update now if you\u2019re not. It\u2019s also worth turning on Automatic Updates if you haven\u2019t already. You can do that on the same screen.<\/p>\n

\"Update
iPad Software update is available<\/figcaption><\/figure>\n

Here’s an overview of the available updates for the various Apple products:<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Name:<\/th>\nAvailable for:<\/th>\n<\/tr>\n<\/thead>\n
Safari 17.6<\/a><\/td>\nmacOS Monterey and macOS Ventura<\/td>\n<\/tr>\n
iOS 17.6 and iPadOS 17.6<\/a><\/td>\niPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later<\/td>\n<\/tr>\n
iOS 16.7.9 and iPadOS 16.7.9<\/a><\/td>\niPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation<\/td>\n<\/tr>\n
macOS Sonoma 14.6<\/a><\/td>\nmacOS Sonoma<\/td>\n<\/tr>\n
macOS Ventura 13.6.8<\/a><\/td>\nmacOS Ventura<\/td>\n<\/tr>\n
macOS Monterey 12.7.6<\/a><\/td>\nmacOS Monterey<\/td>\n<\/tr>\n
watchOS 10.6<\/a><\/td>\nApple Watch Series 4 and later<\/td>\n<\/tr>\n
tvOS 17.6<\/a><\/td>\nApple TV HD and Apple TV 4K (all models)<\/td>\n<\/tr>\n
visionOS 1.3<\/a><\/td>\nApple Vision Pro<\/td>\n<\/tr>\n
iOS 15.8.3 and iPadOS 15.8.3<\/p>\n<\/td>\niPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n

Apple also patched the regreSSHion vulnerability<\/a> that allows unauthenticated Remote Code Execution (RCE) in OpenSSH.<\/p>\n

For beta testers Apple also released the first beta of iOS 18.1 to developers<\/a>. This update is available for iPhone 15 Pro and iPhone 15 Pro Max and includes the first set of Apple Intelligence features, such as Writing Tools, new features for Mail and notifications, upgrades to Photos, and more.<\/p>\n

\n

We don\u2019t just report on phone security\u2014we provide it<\/strong><\/p>\n

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by\u00a0downloading Malwarebytes for iOS<\/a>, and Malwarebytes for Android<\/a> today.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Apple has released security updates that patch vulnerabilities in Siri and VoiceOver that could be used to access sensitive user data. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[2211,22783,10480,24749,32,21883,11487,22711],"class_list":["post-25004","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-apple","tag-exploits-and-vulnerabilities","tag-ios","tag-ipados","tag-news","tag-security-update","tag-siri","tag-watchos"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=25004"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/25004\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=25004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=25004"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=25004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}