Apple has pushed-out an update to iOS 11 – the third since the mobile operating system was released to iPhone, iPad and iPod Touch owners on September 19th 2017.
The new software fixes a number of issues with the operating system.
Dubbed iOS 11.0.3, the new software update rectifies a problem for some iPhone 7 and iPhone 7 Plus devices, where audio and haptic feedback had stopped working.
It also brings back multi-touch to some iPhone 6S displays.
iPhone owners who had had their displays services from providers other than Apple – and therefore not replaced with genuine Apple parts – saw touch input become unresponsive with the previous iOS 11 version.
Apple has not revealed any further details about the update.
However, it’s possible there are other software gremlins quashed in this new release.
Every iOS 11 update issued since the September launch has been in response to a security issue or bug.
iOS 11.0.1 rectified a security flaw with the software, while iOS 11.0.2 fixed a problem with crackling audio on the new iPhone 8 and iPhone 8 Plus handsets.
Just one week later, we now have iOS 11.0.3, which shows how fast Apple is working to iron out the creases in this new operating system.
The US technology company is also working on the next major launch, iOS 11.1, which will bring support for Apple Pay payments between contacts in iMessage.
It will also return the 3D Touch shortcut on the left-edge of the display to launch the app switcher.
The new cyberattack works by hiding fraudulent Apple ID login windows within apps.
These look almost identical to the pop-ups that sometimes appear across iOS, however, rather than Apple simply checking your details – the fake ones siphon the data and send them to online crooks.
The flaw has been discovered by app developer Felix Krausse who claims “it was shockingly easy” to create the malicious code.
Krausse revealed in a blog post: “iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates, or iOS apps that are stuck during installation.
“As a result, users are trained to just enter their Apple ID password whenever iOS prompts you to do so.
“However, those popups are not only shown on the lock screen, and the home screen, but also inside random apps, e.g. when they want to access iCloud, GameCenter or In-App-Purchases.
“This could easily be abused by any app, just by showing an UIAlertController, that looks exactly like the system dialog.
“Even users who know a lot about technology have a hard time detecting that those alerts are phishing attacks.”
How can you protect yourself?
- Hit the home button, and see if the app quits: If it closes the app, and with it the dialog, then this was a phishing attack, but if the dialog and the app are still visible, then it’s a system pop-up – and therefore, safe.
- The reason for that is that the system dialogs run on a different process, and not as part of any iOS app.
- Don’t enter your credentials into a popup, instead, dismiss it, and open the Settings app manually. This is the same concept, like you should never click on links on emails, but instead open the website manually
- If you hit the Cancel button on a dialog, the app still gets access to the content of the password field.
Published at Fri, 13 Oct 2017 08:57:00 +0000