Mario Bautista
- Apple recently released iOS 18.0.1 and is urging users to update it because it has fixed some major security issues.
- The biggest issue is with the VoiceOver app which is reading your passwords out loud due to a bug.
- The other two issues are related to iMessage’s audio recording feature and iPhone 16 and 16 Pro’s screen’s responsiveness.
Apple has released iOS 18.0.1 and has requested all users to install the update as it fixes a number of security issues.
The biggest issue is with the app VoiceOver which would read your passwords out loud. For those who don’t know, VoiceOver is a built-in screen reader that reads whatever text appears on your screen. This is an accessibility feature designed for visually impaired people to help them use their phones without assistance.
But having your passwords read out any time, even if other people are around or someone else is using your phone is concerning.
Some experts noted that the actual risk might be low. For anyone to actually exploit the password, they need to be near the device to hear it and then have access to the device to use it.
Surely, a hacker can use the password remotely as well, but what are the chances that a hacker is around the user at the exact moment when their passwords are being read out?
But regardless of the probability of exploitation, security issues related to passwords are always a matter of concern and should be fixed immediately.
‘Whilst we’ve yet to see these vulnerabilities being exploited in real attacks, it’s important that users update their Apple devices to iOS 18.0.1,’ – Suzan Sakarya, senior manager at software company Jamf
Speaking of the vulnerability that caused this issue in VoiceOver, Apple hasn’t revealed much. We only know that it’s being tracked as CVE-2024-44204 and is caused by a logic issue but the rest of the conditions underlying it are unclear.
This issue comes just a month after Apple launched its native password manager.
Devices that need updating include:
- iPhone XS and later
- iPad Pro 13-inch
- iPad Pro 12.9-inch third generation and later
- iPad Pro 11-inch first generation and later
- iPad Air third generation and later
- iPad seventh generation and later
- iPad mini fifth generation and later
Other Security Issues
The second security issue is also audio-based. The vulnerability, which is being tracked as CVE-2024-44207, lies in the iMessage app and only affects iPhone 16. In some cases, its audio recording tool was starting to capture audio a few seconds before the user intended to.
Basically, when you press the audio record button on iMessage, a small orange dot appears on the device’s island which indicates that recording has started. However, due to this bug, the recording started a few seconds before the dot appeared. This is quite a privacy issue.
The receiver might accidentally hear parts of the conversation that you didn’t want them to listen to.
The third issue is that this update fix is rather minor. Some users with iPhone 16 and 16 Pro were facing an issue with frozen screens. The screen would not respond to touches and in some cases, even the camera would freeze while recording videos. Both of these issues are fixed by this update.
