Last updated

WhistleOut fast facts
  • Trellix, a US cybersecurity firm, discovered that ForcedEntry, an iOS exploit, can be used to access other data and work around Apple security protocols.
  • The discovered bugs have the ability for hackers to go through your messages, photos, location data, and call history.
  • The security vulnerabilities “range from medium to high severity,” according to a Trellix press release.
  • Apple worked with Trellix to address the bugs and security flaws in recent updates to macOS and iOS.

Earlier this week, on February 21, Austin Emmitt, a Senior Vulnerability Researcher with the Trellix Advanced Research Center, published a report detailing a “new privilege escalation bug class” discovered in macOS and iOS. 

Of course, system bugs are a normal part of any operating system. Apple is well-regarded for its restrictions on software and emphasis on safety and security for all devices. The company is not, however, immune to bugs.

The privilege escalation bug Emmitt discovered is a bug that can gain access not just to superficial user data, but also to the core of the operating system with control over everything.

The bug was discovered by Trellix thanks to earlier work by Citizen Lab and Google Project Zero, which examined ForcedEntry, a security exploit that required no user action. (Apple released iOS 14.8, macOS Big Sur 11.6, and Security Update 2021-005 Catalina to counteract ForcedEntry.)

The newly discovered bug primarily impacts SpringBoard—the application runs the home screen, starts applications, and can access location data, photos, and the device’s camera. Apple launched a version of SpringBoard called Launchpad for Mac with Mac OS X Lion. SpringBoard can also wipe the device.

How do hackers get to SpringBoard? They use a process similar to ForcedEntry that allows them to execute code providing more access to the device. And although Apple updated protocols to stop ForcedEntry—primarily vulnerabilities around NSPredicate, a tool that can filter code—Trellix “discovered that these new mitigations could be bypassed.”

Trellix also released a video explaining how this process works. The video shows how the OS sends notifications and location data to attackers through SpringBoard.

Okay, so what does this all mean? 

  1. Hackers would require a foothold in your device’s system before exploiting these vulnerabilities. (ForcedEntry used a malicious PDF.) 

  2. Most of the data we presume to be safe is vulnerable to attack.

  3. Researchers are always looking for bugs and exposing vulnerabilities. They can help companies release software patches that fix those problems.

  4. Your device is still safe to use.

Finding bugs is a routine and essential part of device and app testing. In fact, for WhistleOut US, we reported a bug targeting Bluetooth devices and Siri on Apple devices last year. 

The good news is that once bugs are detected, Apple quickly acts and releases security updates.

Have no fear: Trellix worked with Apple to address the security flaws. The cybersecurity firm reports that Apple addressed the issues in macOS 13.2 and iOS 16.3. 

Users should always update their devices to ensure they run the most secure software and protect themselves and their data.

Get instant access to exclusive wireless news & deals

Join the more than 130,000 people who follow WhistleOut to find technology they love.

I have read the WhistleOut Privacy Policy and Terms of Use, and understand I can unsubscribe at any time.

Find Better Internet and Phone Plans

Hundreds of internet plans unpacked. All the facts. No surprises.

Search 27 Providers

Compare broadband plans from the following providers...

  • oxio
    Advertisement
  • Diallog
    Advertisement
  • VMedia
  • TekSavvy
    Advertisement
  • Bell
  • Cogeco
  • Distributel
  • Virgin Plus
    AdvertisementAdvertisement
  • Rogers
  • Telus
  • Xplore
  • Telcan
    Advertisement
  • Altima Telecom
    Advertisement
  • Eastlink
  • Netcrawler
    Advertisement
  • Fizz
  • SaskTel
  • Koodo
  • Videotron
  • Execulink
  • NorthwesTel
  • Start.ca
  • Carry Telecom
  • BellMTS
  • Sogetel
  • Shaw
  • Starlink