Apple iOS 11.2.1 software rollout fixes HomeKit remote access vulnerability

Kristi Paul
December 15, 2017

Apple then made some changes server-side that temporarily patched the vulnerability while a proper fix was expected to arrive at a later date. The new update also resolves some of the issues from the major update in iOS 11.2 which was released a couple of weeks ago.

Apple recently released their iOS 11.2 update, this morning we heard about the new iOS 11.2.1 update and now there is the new iOS 11.2.5 beta 1. Apple's iOS 11.2.1 update comes with bug fixes, including for an issue where remote access for the Home app was disabled to shared users. Once downloaded, the update will restart the Apple TV once.

The security bulletin that accompanied the updates reveals that HomeKit bug allowed a remote attacker to unexpectedly alter application state, and that the message handling issue was addressed with improved input validation. In order to try out the software you will need to be a registered developer. It's recommended to download the OTA update over Wi-Fi.

The update is about 57.6 MB in size and is now available to all compatible iOS devices including iPhone 8, iPhone 8 Plus, and other Apple devices starting from iPhone 5S or newer, 5th Gen iPad or newer and iPod touch 6th Gen. After installing the latest iOS update, the device displays the "Face ID is not available" prompt upon accessing the face unlock feature. On the Apple TV 4, although, you can install the update manually by downloading the IPSW file through iTunes.

But by rushing out the new update, it just exposed more problems and led to a security glitch that potentially left users vulnerable to hacking in their homes.

Other reports by VideoGamingPros

Discuss This Article