Critical bug in iOS 13, iPadOS gives unauthorised access to third-party keyboards, fix to be issued soon

By: |
New Delhi | September 25, 2019 5:16 PM

It also added that the possibility of the impact is restricted to your iPhone, iPad, or iPod touch and if you have third-party keyboards on those devices.

apple iphone, ios 13, ios 13.1, ios 13 launch date, ios 13.1 release date, ios 13 for iphone 6, ios 13 beta, ios 13.1 features, ios 13 public beta, ios developer, ios 12.4, iphone 11Apple claims the bug will be fixed in an upcoming software update.

iOS 13 was rolled out on September 19 to a mixed response, largely because of a number of bugs in the operating system. iPhone users who updated to iOS 13 complained that most features are malfunctioning. While some of the bugs are minor, one critical flaw in the operating system has now been found to be giving unauthorised access to third-party keyboards, which can be exploited by hackers. Spotted by a researcher, the bug has been confirmed and patched by Apple in the latest iOS 13.1 update, which is now available for eligible iPhone and iPod models. Apple’s new operating system for iPad, iPadOS is also impacted, the company said.

Apple posted an advisory on its website warning users, who updated their devices to iOS 13 or iPadOS, of the bug that gives third-party keyboards “full access” permissions, which extend to app extensions. Granting all the system permissions to third-party keyboards allows it to use Internet, even for the extensions harboured within, to download and install functionalities, read keystrokes, and store the data. In this case, the functionality could be compromised to snoop on the private data of the user.

The warning comes after the flaw, mentioned as “passcode bypass” in a report by CNN, was reported by Jose Rodriguez, a security researcher, to Apple on July 3. security vulnerability in iOS 13, which would allow an attacker access to all stored contact information. On September 13, Rodriguez posted a video on YouTube demonstrating how the flaw works.

READ ALSO | Apple iPhone 11 to roll out with major security flaw: Here’s what we know

Apple claims the bug will be fixed in an upcoming software update. To note, the iOS 13 was rolled out last week in September while both iOS 13.1 and iPadOS 13.1 were released on Tuesday. But, it has not been revealed whether both the new iterations come with the patch for the bug affecting newly-updated iPhone, iPad, and iPod devices.

It also added that the possibility of the impact is restricted to your iPhone, iPad, or iPod touch and if you have third-party keyboards on those devices. You can see your third-party keyboard apps which could be affected by this issue. Firstly, open “Settings” and go to General and then visit Keyboard.

It is to be kept in mind that the Apple has claimed that its own keyboard is not affected by the said bug. Moreover, if you have not approved the request by third-party keyboards’ additional features then you may have avoided giving full access to third-party keyboards and therefore, they will not be impacted by the bug either. Furthermore, the bug also does not impact the third-party keyboards that do not use full access.

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1FAU-G launch on Republic Day 2021: everything to know about ‘made in India’ PUBG Mobile rival
2India to impose permanent ban on 59 Chinese apps including TikTok
3Netflix brings studio quality sound for Android users: everything to know