Home / iPad / What can you do about the 'unfixable' exploit affecting almost every iPhone and iPad?

What can you do about the 'unfixable' exploit affecting almost every iPhone and iPad?


Are your iPhone and iPad ready for the latest updates?
Apple has released iOS 13, iOS 13.1, and iPadOS 13. (updated for iOS 13.1). Read more: https://zd.net/2LUPLfy

The Checkm8 exploit, described by the security researcher who published it as “a permanent unpatchable bootrom exploit” might be good news for the jailbreaking community who can use it to unlock devices, but it’s not so good for those worried about keeping their iPhones and iPads secure.

The scope of this exploit is huge.

The exploit affects all iOS devices running on A5 to A11 chipsets. These chips were shipped in iPhones and iPads released between 2011 and 2017, and spanning eight generations of devices, from iPhone 4S to iPhone 8 and X.

Must readiOS 13: Security and privacy settings you need to tweak and check

This is an unpatchable exploit because, as opposed to a software bug that can be updated, this vulnerability is baked into the chipset.

It’s right inside the hardware.

So, what can you do to protect yourself or your company?

The only comfort for affected iPhone and iPad owners here is that this exploit requires physical access to the device and can only be triggered over USB, and it cannot be executed remotely. For the average user, this probably downgrades the severity of this vulnerability, but it will be of little comfort to companies who have hundreds, or even thousands of iPhones and iPads deployed.

Endpoint software will also likely be useful in spotting compromised devices, but there are gaps in that sort of security (for example, it still leaves the data on the device vulnerable).

The other option is to buy new hardware.

For the average user, this exploit is nothing to worry about, but for enterprise users, it is likely to be a headache that will hang around until the old iPhones and iPads are replaced with new iPhones and iPads.



Source link

About admin

Check Also

Adobe's Creative Cloud roadmap runs through Apple's iPad: Everything announced at Adobe Max

Adobe’s cloud pivot: What we’ve learned A decade ago, Adobe bought Omniture in a deal ...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.