Apple's iOS 7 patches 80 vulnerabilities

Just as Apple patched some 80 vulnerabilities in its mobile operating system this week, a new vulnerability popped up in the latest version of the software, iOS 7. The vulnerabilities patched by iOS 7 cover a wide array of undesirable behaviors -- some of them years old.

"The changes made in iOS 7 aren't significant from any other software upgrade Apple has introduced," Cigital Principal Consultant Scott Matsumoto said in an email. "They are doing their job as the platform provider," he continued. "Platforms inevitably get more secure over time in the field; it's a natural maturation process that every piece of software goes through.

"Are there still vulnerabilities in iOS?" he said. "Yes. I imagine that there will be a similar list with every release of iOS."

One apparent vulnerability not addressed in the first release of iOS 7 is a defect uncovered just hours after the software became available Wednesday for downloading by the public.

Ironically, the vulnerability attacks the new lockscreen feature in iOS that's been praised as a security improvement over past versions of the OS.

[See also: Apple's iOS 7 gives security pros a lot to like

Even when an Apple mobile device running iOS 7 is locked, a new feature called the Control Center can be accessed by swiping upward on a device's screen. The center gives a user access to four often-used apps on the device: flashlight, timer, calculator and camera.

Two of those apps -- the calculator and timer -- can be used to gain access to full functionality on the camera app through a series of steps using the Home button. Once in control of the camera app, an unauthorized user could shoot photos, share them through email and SMS messaging, post them to a device owner's social media accounts and edit or delete pics.

To a limited extent, the app can be used to modify contacts on the device, as well as kill any running applications on it.

Until Apple fixes the vulnerability, some security experts recommend disabling Control Center, Notification Center and Siri on the lockscreen.

Another lockscreen issue was addressed in the scores of vulnerabilities tackled in iOS 7. That issue allowed the lockscreen to be bypassed by leveraging a race condition involving phone calls and injections of a SIM card. Apple said it addressed that problem by improving the operating system's lock state management.

Apple also patched a vulnerability allowing an app in the operating system's third-party sandbox to snatch the passcode to a device. Apple addressed the issue by requiring additional entitlement checks.

Another flaw involving multiple buffer overflows had allowed attackers to execute arbitrary code -- even after a system reboot. That problem was fixed by improved bounds checking in the code.

A flaw that allowed apps running in the background to inject UI events into an app running in the foreground was also addressed. That was fixed by imposing access controls on foreground and background processes that handle the UI events.

The new iOS also fixes a glitch that allowed sandboxed apps to send tweets without a user's permission. The problem lay in the Twitter subsystem. "Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling Twitter functionality," Apple explained. That issue was patched by enforcing access controls on interfaces exposed by the Twitter daemon.

Many of the flaws, although potentially dangerous, weren't likely to affect most users, said PJ Gupta, CEO of Amtel. "We work with corporations and for them, Apple's platform is the most secure compared to other platforms," he said in an interview.

Plaudits have been heaped on Apple for its security improvements in iOS 7, which should make system administrators more comfortable with the OS. "With every release of iOS, Apple adds a few features and functions that further the level of security they're providing," John Dasher, vice president of product marketing for Good Technology, said in an interview.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Vulnerabilitiesapplicationssecuritymobile securitysoftwareData Protection | WirelessExploits / vulnerabilitiesdata protectionAppleApple ios 7Cigital

More about AmtelAppleGood TechnologyScott CorporationTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place