Apple's iOS updates brick iPads

Update crushes low-level lockscreen hole ... then wreaks havoc


Apple's latest iOS 9.3.2 update appears to be bricking iPads.

Reports of borked iPads emerged on Twitter thanks reportedly to a hardware issue requiring users to possibly restore their devices or contact support.

And people have. Users have Tweeted to Apple Support (@AppleSupport) with complaints their iPads cannot be restored through iTunes.

The Register has sought comment from Apple.

The patches (HT206568) also address a low-risk vulnerability that allowed attackers to bypass lock screens on modern iPhone 6 handsets.

The hole found by Ark engineer Jose Rodriguez (@VBarraquito), of Spain, and Vulnerability Lab penetration tester Benjamin Kunz Mejri (@vuln_lab), of Germany, allows attackers to gain access to contacts, messages, settings, and emails on iPhone 6s and iPhone 6s Plus devices running iOS 9.3.1.

description

Bricked iPad. Credit @ivanmorote .

It requires attackers gain physical access to a device in which Siri has access to a Twitter account, making it unlikely to be of great use to criminals or security testers.

Apple credited Rodriguez with the find though it was reported independently by both researchers. The former uploaded a video to YouTube on 4 April while Kunz Mejri wrote a descriptive post on Full Disclosure after he says Apple did not respond to his private disclosure for two weeks.

Rodriguez has called on Apple to launch a bug bounty program.

Cupertino's patch also fixed small problems with Bluetooth audio quality, dictionary definitions, typing email addresses, and MDM servers.

It is released for iPhone 4S and iPad 2 and newer, all iPad Minis and Pros, and iPod Touch generations five and six. ®


Other stories you might like

  • Red Hat Kubernetes security report finds people are the problem
    Puny human brains baffled by K8s complexity, leading to blunder fears

    Kubernetes, despite being widely regarded as an important technology by IT leaders, continues to pose problems for those deploying it. And the problem, apparently, is us.

    The open source container orchestration software, being used or evaluated by 96 per cent of organizations surveyed [PDF] last year by the Cloud Native Computing Foundation, has a reputation for complexity.

    Witness the sarcasm: "Kubernetes is so easy to use that a company devoted solely to troubleshooting issues with it has raised $67 million," quipped Corey Quinn, chief cloud economist at IT consultancy The Duckbill Group, in a Twitter post on Monday referencing investment in a startup called Komodor. And the consequences of the software's complication can be seen in the difficulties reported by those using it.

    Continue reading
  • Infosys skips government meeting - and collecting government taxes
    Tax portal wobbles, again

    Services giant Infosys has had a difficult week, with one of its flagship projects wobbling and India's government continuing to pressure it over labor practices.

    The wobbly projext is India's portal for filing Goods and Services Tax returns. According to India’s Central Board of Indirect Taxes and Customs (CBIC), the IT services giant reported a “technical glitch” that meant auto-populated forms weren't ready for taxpayers. The company was directed to fix it and CBIC was faced with extending due dates for tax payments.

    Continue reading
  • Google keeps legacy G Suite alive and free for personal use
    Phew!

    Google has quietly dropped its demand that users of its free G Suite legacy edition cough up to continue enjoying custom email domains and cloudy productivity tools.

    This story starts in 2006 with the launch of “Google Apps for Your Domain”, a bundle of services that included email, a calendar, Google Talk, and a website building tool. Beta users were offered the service at no cost, complete with the ability to use a custom domain if users let Google handle their MX record.

    The service evolved over the years and added more services, and in 2020 Google rebranded its online productivity offering as “Workspace”. Beta users got most of the updated offerings at no cost.

    Continue reading

Biting the hand that feeds IT © 1998–2022