iOS version 11.3.1 was released on Apr 24, 2018, and the following four vulnerabilities are fixed in this security update:
- 2 WebKit vulnerabilities – These vulnerabilities allow maliciously crafted web content to execute arbitrary code on mobile devices. These issues are fixed with improved memory handling and state management.
- 1 CrushReporter vulnerability – This vulnerability allows third-party applications to gain escalated privileges. The vulnerability is fixed through improved error handling.
- 1 LinkPresentation vulnerability – This vulnerability allows maliciously crafted text to spoof user interfaces. It is addressed through better input validation.
Enhance Your Security by Keeping Up with OS Updates
Enterprise users should note that, although Apple has fixed these vulnerability with the 11.3.1 update, the security benefits are not reflected on their devices unless users update the OS to this latest version. Thus, before attackers exploit these vulnerabilities, enterprise users should go to “Settings > General > Software Update” and update their iOS devices to the latest version.
OS updates are among the easiest and most cost-effective ways to prevent attacks from exploiting holes in older operating systems and we certainly recommend updating to this latest OS release given the numerous security updates it provides.
*** This is a Security Bloggers Network syndicated blog from Mobile Threat Blog Posts | Appthority authored by Jill Richards. Read the original post at: https://www.appthority.com/mobile-threat-center/blog/ios-update-11-3-1-security-details/