iOS update: iPhone owners urged to download new software to fix strange and potentially disastrous problem

Problem has already been fixed once already

Andrew Griffin
Tuesday 27 August 2019 14:58
comments
iPhone owners urged to upgrade to protect their phones

iPhone users have been urged to upgrade their phones to keep them secure from a potentially disastrous – and very strange – security bug.

Apple has finally released a new update, numbered 12.4.1, which fixes a major security issue in iPhones.

The release notes say that the update stops a problem that meant "a malicious application may be able to execute arbitrary code with system privileges". In short, it could let stray apps or websites break into phones.

But what is especially odd about the fix is that it had already been rolled out. Apple originally solved the problem in May, but the fix disappeared with an update in June, leaving phones open to attack once more.

That has now been patched up again, meaning that the new update is required to keep iPhones secure.

As well as posing a security threat, the problem also meant that iPhones could be jailbroken, which removes the restrictions that Apple places on what apps can be used on the phone and how. Proponents say jailbreaking allows users more control over how the phone works, but Apple says that can introduce extra security issues of its own.

iOS 12.4.1 does not bring any other new features, or make any significant changes to the operating system. But the security issue was so central that Apple pushed out an unexpected release to fix it, and users have been advised to download it.

Apple also released small updates for its other platforms, too: watchOS 5.3.1, tvOS 12.4.1, and macOS 10.14.6.

In the security notes accompanying the release, Apple notes that it "doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available". The company had not acknowledged either the bug or the fact the fix had been removed until the new release.

It also thanked the security researcher, known as Pwn20wnd, who had publicly identified the bug on 19 August.

It did not give any indication of how the problem arose, or how it was fixed.

Updating an iPhone is simple: head to the Settings app, click "general" and choose the software update option. iOS also now tries to update itself automatically, meaning that phones could already have fixed themselves while they are plugged in overnight.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments