Apple has fixed a vulnerability in its HomeKit internet-of-things platform that allowed a hacker to take remote control of users' gadgets,Vernost aka Fidelity (2019) including smart locks.
9to5Mac first wrote about the vulnerability, which it says is "difficult to reproduce." Still, it was dangerous. If there was one iPhone or iPad running iOS 11.2 connected to a HomeKit user's iCloud account, that account was vulnerable. An attacker could potentially tamper with a user's smart lights or thermostats, or — even worse — open their garage or even their front door if it had a HomeKit-enabled smart lock.
SEE ALSO: This smart bike lock can also track your rideApple told 9to5Mac, "The issue affecting HomeKit users running iOS 11.2 has been fixed." However, "The fix temporarily disables remote access to shared users, which will be restored in a software update early next week," an Apple spokesperson said.
Fortunately for users, there's nothing they need to do at this time — their HomeKits are already safe from hackers (at least from any known bugs).
This Tweet is currently unavailable. It might be loading or has been removed.
Bugs do happen and IoT gadgets like smart locks definitely aren't immune to them, but it appears Apple has really dropped the ball recently when it comes to the security of their products.
In October, Apple fixed a macOS High Sierra bug that exposed the user's password in plain text in certain scenarios. Late last month, the company fixed another embarrassing macOS bug — one that enabled anyone to easily gain administrator access to a Mac. Even though Apple publicly apologized for that bug and promised to tighten up security, that fix contained another bug, which temporarily broke file sharing for some users.
Featured Video For You
This Bluetooth thermometer will alert your iPhone when the turkey's done
Topics Apple
