CATEGORIES
home News

Apple iOS 11.2 HomeKit Exploit Left Smart Home Locks And Garage Door Openers Vulnerable

by Brandon HillFriday, December 08, 2017, 12:48 PM EDT
It has been a rough few weeks for Apple with regards to its major software platforms. The latest black mark against the company comes in the form of a zero-day vulnerability that was discovered in Apple's HomeKit implantation in iOS 11.2.

The vulnerability was first brought to public light by 9to5Mac, and is reportedly highly difficult to reproduce. Nonetheless, it allows for an unauthorized user to gain control of smart home devices connects via HomeKit. Given that the connected-accessories that are compatible with HomeKit extend to security cameras, smart locks, garage door openers and thermostats, the potential for abuse cannot be taken lightly.

HomeKit Hero

9to5Mac has been careful not to describe in great detail the mechanics behind the vulnerability, but it does explain:

The issue was not with smart home products individually but instead with the HomeKit framework itself that connects products from various companies...The issue was not with smart home products individually but instead with the HomeKit framework itself that connects products from various companies.

For now, Apple has applied a server-side fix that closes the vulnerability, but it has the side effect of breaking some HomeKit functionality. Apple has confirmed, however, that an iOS 11.2 update arriving next week will restore any broken functionality.

Apple came under fire in late November after a password exploit that allows anyone to bypass administrator authentication to login to a Mac running macOS 10.13 High Sierra. Apple quickly issued a fix for the exploit, but it embarrassingly broke file sharing for many users as a result. To make matters worse, users on earlier versions of macOS High Sierra that had applied the security patch, and then later upgraded to High Sierra 10.13.1 saw the effects of the patch erased.

Tags:  Apple, ios, (NASDAQ:AAPL), homekit, ios 11.2
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment