Apple has released a critical security update that could have allowed attackers to disable a crucial feature protecting iPhones and iPads. The flaw, patched in the iOS 18.3.1 and iPadOS 18.3.1 updates, targeted USB Restricted Mode, a security feature introduced in iOS 11.4.1 to prevent unauthorized access to a device’s data.
USB Restricted Mode was designed to protect iPhones and iPads from law enforcement tool attacks, especially those from Cellebrite and Graykey, which usually break through a device’s security. When turned on, it doesn’t let USB accessories read the data unless the device has been unlocked at least an hour prior.
The newly discovered bug was allowing attackers to turn off USB Restricted Mode, thus exposing devices to potential attacks. However, the flaw could only be exploited with physical access to the device, suggesting that the threat was targeted and highly sophisticated. The vulnerability was reportedly exploited in a “sophisticated” attack against specific individuals, but Apple has not disclosed who was affected or who might have used the exploit.
Security researcher Bill Marczak from the University of Toronto’s Citizen Lab first reported the vulnerability, adding to his previous findings about security flaws in Apple products. Even though the exploit is very grievous, Apple has allayed users’ fears that not much exploitation occurred and that this update now secures the feature once again.
Users can get into Settings > Face ID (or Touch ID) & Passcode and scroll down to the “Accessories” section, and it should say that USB Restricted Mode is active on their devices. What users need to note is that disabling the toggle turns the feature back on. They can check if there’s an update by heading to Settings > General > Software Update on the iPhone or iPad.
This update has addressed a serious vulnerability, though users should check for updates regularly to ensure their devices remain secure against new threats.
