iPhone Security Update To Thwart Zero-Click Attacks


In the past year, several attacks on iPhone users have been discovered with an alarming feature in common: they did not require any interaction from the victim. For example, it could be enough to receive an SMS and suddenly the phone is hacked.

That kind of attack, however, will be much more difficult to implement following the iOS 14.5 software update, reports Motherboard. Apple’s developers have extended the scope of a security function called Pointer Authentication Codes (PAC) so that it applies to a category that was previously unprotected.

Under the new system, cryptographic signatures are used to ensure that code in the memory has not been manipulated, and to highlight fake versions of various functions.

Several anonymous hackers Motherboard has spoken to say the change will have a major effect on the development of this kind of zero-click attacks.

“It will definitely make 0-clicks harder,” said one. “Sandbox escapes too. Significantly harder.”

iOS 14.5 is currently in beta testing. The update is packed with important tweaks and new features, and is expected to launch to the public around the end of February or early in March.

For general advice read our iPhone security tips.

This article originally appeared on Macworld Sweden. Translation by David Price.

Source link


Please enter your comment!
Please enter your name here