October 4, 2024 at 08:05AM
Apple has addressed two security bugs in iOS 18.0.1 and iPadOS 18.0.1. One bug may read users’ saved passwords aloud, posing a risk to the visually impaired. Another bug affects iPhone 16’s audio capture in iMessage, capturing audio before indicating recording. Apple urges users to apply the latest update for security enhancement.
Meeting Notes Summary:
1. Apple released the 18.0.1 update for iOS and iPadOS, addressing security bugs.
2. One of the bugs may cause saved passwords to be read aloud, posing an issue for the visually impaired and users relying on VoiceOver screen reader.
3. The first security issue (CVE-2024-44204) was described as a logic issue, and Apple rectified it by improving validation. The exact conditions triggering the vulnerability were not disclosed.
4. The bug affects various iPhone and iPad models, including iPhone XS and later, and different iPad Pro and iPad mini models.
5. There is an unresolved severity score for the bug, possibly due to backlog issues at the National Vulnerability Database.
6. Another bug (CVE-2024-44207) in the 18.0.1 update affects iPhone 16 models, causing them to capture more audio than the user interface indicates when sending audio messages in iMessage. This issue has been addressed by Apple with improved checks.
Overall, the 18.0.1 update brings crucial fixes for security vulnerabilities related to password privacy and audio recording on Apple devices.