The latest iOS 17.3 update contains a fix for a vulnerability in the Shortcuts app.Advertisements
.gadsense_slot_2{ display: inline-block; width: 336px; height: 280px;}
@media (min-width:300px) { .gadsense_slot_2 { width: 300px; height: 250px; } }
@media (min-width:336px) { .gadsense_slot_2 { width: 336px; height: 280px; } }
@media (min-width:728px) { .gadsense_slot_2 { width: 728px; height: 90px; } }
(adsbygoogle = window.adsbygoogle || []).push({});
Versions macOS Sonoma 14.3, iPadOS 17.3, and iOS 17.3 contained code that patched the Shortcuts vulnerability. The issue was rated a 7.5 of 10 in the CVSS score, thereby classifying it as a ‘very high severe vulnerability.’ Shortcuts are integrated into macOS, iPadOS, and iOS for building automations and can be shared between users through a link. This can lead to a widespread occurrence of a malicious Shortcut making its way through the public.
Bitdefender performed a research of unsuspecting users that could accept a Shortcut. This Shortcut can bypass the Transparency, Consent, and Control system and allow the attacker to collect data. A device usually prompts the TCC when a Shortcut or app attempts to gain access to system resources or sensitive information, but the vulnerability bypasses the check.
Advertisements
.gadsense_slot_1{ display: inline-block; width: 336px; height: 280px;}
@media (min-width:300px) { .gadsense_slot_1 { width: 300px; height: 250px; } }
@media (min-width:336px) { .gadsense_slot_1 { width: 336px; height: 280px; } }
@media (min-width:728px) { .gadsense_slot_1 { width: 728px; height: 90px; } }
(adsbygoogle = window.adsbygoogle || []).push({});
TAGGED:
iOS, iOS 17.3
