iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks

A new round of security updates is available from Apple, fixing bugs in Safari, watchOS, tvOS, and iOS. Some of the vulnerabilities were disclosed ahead of these releases, creating a window of opportunity for ill-intended users.

Apple released its newest version of iOS today, and apart from adding a performance boost to older iPhone models, it also comes with solutions for security problems.

iOS 12 protects reading from memory, fixes code execution with admin rights

The Cupertino-based company addressed problems that allowed local apps to read a persistent account identifier, as well as problems permitting Bluetooth traffic interception, learning information about the current camera view, or spoofing login prompts in the iTunes Store.

Among the more serious are one in the iOS kernel, reported by Ian Beer of Google Project Zero, and one discovered by Apple.

Beer found that an application may be able to read restricted memory, because of an insufficient input validation problem in the kernel.

An issue with the same effect was reported by security researcher Brandon Azad, who found it in the IOMobileFrameBuffer, an extension of the kernel that manages the screen framebuffer.

The third problem of this kind existed in the WiFi component and was reported by a security researcher named Lee and by Yonsei University.

Apple’s own find is in the Core Bluetooth component of iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. The glitch is a memory corruption that allows an application to execute arbitrary code with system privileges.

Also notable is a vulnerability (CVE-2018-4313) credited to 11 anonymous researchers and five others who declared their names. It was present in Safari and the Messages app, and it permitted a local user to read deleted messages or reveal visited websites.

Safari 12 fights spoofing and data exfiltration

First on the list of solved problems is the bug reported by Rafay Baloch, which could permit the exfiltration of data autofilled by Safari. The flaw is a threat to unpatched Apple mobile devices as well as to macOS Sierra and High Sierra.

Another fix, credited to Hugo Diaz, addresses an issue where clearing the browser history did not remove all the logs.

Security researcher xisigr of Tencent Lab was acknowledged for finding CVE-2018-4195, a security bug that could lead to interface spoofing when the user visited a malicious website.

What Apple appears to have missed with these updates is protection against the attack discovered by security researcher Sabri Haddouche, and reported by BleepingComputer over the weekend.

If you’ve already updated to iOS 12, there is a feature you should turn on, just to make sure that common hackers cannot bypass your iPhone’s lock screen: USB Restricted Mode.

It may not shield you from a well-funded actor, but it does make the device very difficult to unlock if stolen.