Apple released iOS 18.3.1 and iPadOS 18.3.1 today to fix a serious security problem related to USB Restricted Mode. This vulnerability could let someone bypass USB Restricted Mode on a locked device through a physical attack, which might allow access to the device’s data.

The update addresses an authorization issue through improved state management. Bill Marczak of The Citizen Lab at the University of Toronto found the vulnerability. USB Restricted Mode was introduced in 2018 to keep data from being transferred via USB unless the device is unlocked. Apple mentioned that this vulnerability might have been used in advanced attacks against certain people.

The update can be installed on iPhone XS and newer models, as well as certain iPad models like the iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and newer), iPad Pro 11-inch (1st generation and newer), iPad Air (3rd generation and newer), iPad (7th generation and newer), and iPad mini (5th generation and newer).

Apple usually keeps information about security vulnerabilities private until it has released fixes, so there’s no telling how long this has been an issue. This latest update builds on earlier fixes for USB Restricted Mode and works alongside a new feature in iOS 18 that restarts devices after they have been inactive for a few days, requiring a passcode to get back in.

The nature of the attack suggests that the attacker needed to physically connect to the victim’s device using special tools. Although we don’t know who the attackers or victims are, it’s well known that tools to unlock iPhones exist. Companies like Cellebrite and Graykey make forensic tools that law enforcement uses to unlock iPhones.

It’s likely that the targeted devices faced a very advanced type of attack, similar to what those companies’ tools carry out. So this update may also make things more difficult for law enforcement who want to unlock criminals’ iPhones, but that’s speculation because the specific details of the fix have not been disclosed.

Source: Apple, The Verge, TechCrunch