By Eduard Kovacs on October 21, 2014
Apple released on Monday a new version of its mobile operating system and, in addition to some interesting new features, the latest version includes fixes for several security issues.
According to an advisory published by the company, one of the fixed vulnerabilities (CVE-2014-4428) could have been exploited to establish a connection from a malicious Bluetooth input device by bypassing pairing.
"Unencrypted connections were permitted from Human Interface Device-class Bluetooth Low Energy accessories. If an iOS device had paired with such an accessory, an attacker could spoof the legitimate accessory to establish a connection. The issue was addressed by denying unencrypted HID connections," Apple said in its advisory.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.