This Bug In Apple’s Homekit Can Reboot Your iPhone Endlessly

0
439

[ad_1]

Apple’s HomeKit allows customers to automate their smart home gadgets, and modifications made on one Apple device are mirrored on all others owing to iCloud sync.

A recently found HomeKit vulnerability, on the other hand, may force iPhones to reboot indefinitely. This problem affects a wide variety of iOS versions, including iOS 15.2, the most recent stable release. Malicious third-party apps can also cause this flaw if you’re using an older version of iOS. Users would be either locked out of the Home app or their iPhone may crash and reboot indefinitely, depending on your iPhone’s choices.

This flaw may be exploited by establishing a HomeKit device with an extremely lengthy name, according to researcher Trevor Spiniolas (via The Verge). If an unwitting user accepts a HomeKit device invitation link with a name longer than 500,000 characters, iOS will crash and reboot endlessly. Additionally, before iOS 15, third-party apps could modify the names of HomeKit devices. On older versions of iOS, a developer may theoretically exploit the vulnerability remotely – without the need for user interaction.

SEE ALSO: Apple’s 2022 Lineup Includes MacBook Pros, MacBook Air, VR Headset And More

There are also some things you can do to keep this vulnerability from being exploited on your iPhone. You might start by turning off iCloud sync for the Home app. In this manner, HomeKit data stays local, and factory restarting your iPhone will prevent the compromised, lengthy name from being loaded from iCloud. You may also take further precautions by uninstalling Home Controls from the Control Center. If the problem is exploited on your device, it will simply crash the Home app rather than the full OS.

However, the easiest method to be safe is to disregard invitation links given by persons you don’t know or trust. Furthermore, if you’re still on iOS 14, updating to the newest release of iOS 15 will prohibit applications from altering a HomeKit device’s name to a lengthy one, albeit the underlying flaw will remain.

Trevor was previously told by Apple that the flaw will be fixed before 2022. The anticipated completion date was then pushed back to early 2022. It’s unclear when the corporation will repair it, but at the very least it’s aware of the problem.

Cover Image: Shuttetstock

[ad_2]

Source link