Technology

iOS 15.2.1 and iPadOS 15.2.1 HomeKit Vulnerability Address

Apple today released iOS 15.2.1 and iPadOS 15.2.1, minor updates that include an important security fix for a known HomeKit vulnerability first discovered last year.


According to Apple’s security support document for the update, it addresses an issue that could cause a maliciously designed “HomeKit” to refuse service, causing iPhones and iPads to not work.

Apple says this is caused by a resource exhaustion issue that has now been addressed with improved input validation.

The HomeKit ‌ bug was first highlighted in January by sleeping computer After it was discovered by Trevor Spinolas. The vulnerability, dubbed “doorLock,” is implemented by changing the name of the “HomeKit” device to a name containing more than 500,000 characters.

Attempting to load such a large string of characters will send your iOS device into a denial of service state, and a forced reset is the only way to recover. Resetting the device leads to data loss unless a backup is available, and logging back into the affected iCloud account associated with the disabled HomeKit‌ name can restart the error.

Apple partially fixed the bug in iOS 15.1 by limiting the length of the name that could be assigned to a “HomeKit” device or app, but it didn’t completely solve the problem because malicious people exploiting the vulnerability could use home page invites instead of the attacking device.

Since this error can lead to data loss at worst and device reset at best, it’s worth updating to iOS and iPadOS 15.2.1 updates immediately.

Related stories

Apple releases iOS 14.8.1 and iPadOS 14.8.1 with security updates

Apple today released iOS and iPadOS 14.8.1, minor updates to the iOS and iPadOS 14 operating systems. iOS and iPadOS 14.8.1 come more than a month after the release of iOS and iPadOS 14.8, another security update. iOS and iPadOS 14.8.1 updates can be downloaded for free and the software is available on all eligible devices over the air in the Settings app. To access the new program, …

Microsoft has discovered a new Powerdir vulnerability in macOS, which is fixed in Update 12.1

This morning, the Microsoft 365 Defender research team published details of a new macOS “Powerdir” vulnerability that allows an attacker to bypass transparency, consent, and control technology to gain unauthorized access to protected data. Apple has already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update released in December, so users who have updated to …

HomeKit accessories worth checking out

Every so often, MacRumors videographer Dan rounds up some of his favorite household products he used. We have another installment in the HomeKit series, this time featuring devices from Lutron, Belkin, Sonos, and more. Subscribe to MacRumors’ YouTube channel for more videos. You can see everything in action in the video, we have links and a brief description of HomeKit…

Apple released iOS 15.0.2 with picture bug fixes in Messages, security update, and more

Apple today released iOS 15.0.2, which is the second update to iOS 15 released in September. iOS 15.0.2 comes a week and a half after the release of iOS 15.0.1, a bug-fixing update. The iOS 15.0.2 update can be downloaded for free and is available on all eligible devices over the air in the Settings app. To access the new software, go to Settings > General > …

Apple releases iOS and iPadOS 12.5.4 security fix for older iPhones and iPads

Apple today released new iOS and iPadOS 12.5.4 updates, with the new software targeting older devices that are unable to run the iOS 14 update available on recent devices. iOS and iPadOS 12.5.4 updates can be downloaded for free and the software is available on all eligible devices over the air in the Settings app. To access the new software, go to Settings > General > Programs…

Apple Seeds First Public Betas of iOS 15.3 and iPadOS 15.3

Apple today seeded the first betas of the upcoming iOS 15.3 and iPadOS 15.3 updates for public beta testers, with the new software coming a few days after the first beta was released to developers and a week after the release of iOS 15.2 and iPadOS 15.2. iOS and iPadOS 15.3 can be downloaded over the air after installing the appropriate profile from Apple’s public beta testing website on your iPhone…

Apple Seeds First Betas of iOS 15.3 and iPadOS 15.3 for developers

Apple today seeded the first beta seeds for the upcoming iOS 15.3 and iPadOS 15.3 updates for developers for testing purposes. The new software comes four days after the release of iOS 15.2. iPadOS 15.2 iOS and iPadOS 15.3 can be downloaded through the Apple Developer Center or more after installing the appropriate profile on your iPhone or iPad. iOS 15.3 was leaked earlier today…

popular stories

Mockup shows what an iPhone 14 could look like with a pill-shaped slot in your hand

The upcoming high-end iPhone 14 is expected to come with a pill-shaped notch rather than the notch that’s been on the iPhone in some form since 2017. While we’re still months away from the next iPhone, we already have a solid idea of ​​what the pill will look like in use. practical. A Twitter mockup of developer Jeff Grossman shows, at least on the home screen, what…

Today we celebrate 15 years since Steve Jobs unveiled the original iPhone

Today is January 9, which means that it’s been 15 years since Steve Jobs, the CEO of Apple, stood on stage at the Macworld exhibition in San Francisco, California and gave the world their first look at the iPhone, the device that would change everything. . The original iPhone was a very small thing with a 3.5-inch LCD screen, plain old home button, thick chassis, huge bezels, Samsung processor, and…

Gurman: The new iPhone SE and more likely at Apple’s event in March or April

Bloomberg’s Mark Gorman said today in his “Power On” newsletter that Apple’s first event of 2022 will likely take place in March or April. Gurman said a new iPhone SE with 5G support and a faster chip will likely be among the announcements at the event. “Apple’s first virtual event in 2022 will take place in just a few months and is likely to take place in March or April, I…

Top news: iPhone 14 Pro without Notch, AirPods Pro 2, and more for 2022

Happy New Year 2022! With calendars turning into the new year, it’s a great opportunity to look ahead at predictions for 2022 and there’s been no shortage of rumors on this front already. This week saw rumors of the iPhone 14 Pro, AirPods Pro 2, the next iPhone SE, and more, as we wrapped up 2021 and kicked off 2022 with the first two episodes of our new podcast, The MacRumors…

Apple car blueprints submitted to Japanese auto parts maker in 2020

In January 2020, a man who identified himself as a parts manager at Apple, Japanese auto supplier Sanden, reported that Apple wanted to make electric cars, and provided blueprints for an electric vehicle and parts for air conditioners, according to Nikkei Asia. Vanarama Apple Car concept based on patents filed by Apple Sanden is a leading manufacturer of air conditioning parts…

Did you miss AirPods deals during the holidays? Here are the best discounts you’ll find in January

January is a month known to have fewer good deals compared to November and December, and January 2022 was no different. However, if you’re shopping for a pair of AirPods after you’ve missed the 2021 holiday season pricing, there are some discounts you can take advantage of when we start 2022. Note: MacRumors is an affiliate partner with some of these sellers….

Your iPhone 14 Is Likely Not to Hold, and Here’s Why

Ever since Apple removed the headphone jack on the iPhone 7 in 2016, rumors have swirled that Apple is finally aiming to do away with the next Lightning port for a portless design entirely. In fact, analysts initially expected the latest iPhone‌ 13 model to offer a “completely wireless experience.” Of course, that didn’t happen, but a portless iPhone 14 in 2022 seems unlikely, for…

.

Leave a Reply

Your email address will not be published. Required fields are marked *