Late last year, a teenager attempting to collect a bug bounty from Apple exploited a flaw in iOS that allowed him to call 911 on an iPhone remotely.
In order to demonstrate how serious of a flaw this was, he shared a code that caused iPhones to repeatedly dial 911, for which he was arrested. Months later, Apple has confirmed that the flaw exploited in the hack has been patched in the recently released iOS 10.3.
It was the Wall Street Journal that published a story confirming that the exploit had been fixed in the latest version of the software.
‘The code only triggered 911 calls from iPhones, exploiting a feature in the smartphone’s software that allows users to click on a phone number and immediately initiate a call. Apple says the update supersedes that capability and now requires users to always press a second confirmation before initiating a call.’
According to the report, Apple worked with app developers to solve the problem, and now that the fix has been implemented, it should be impossible to repeat the attack, even on apps that haven’t specifically been updated to combat the flaw. While there was almost certainly an easier way to go about discovering and fixing this issue, it appears that the accidental cyberattack has had a positive outcome in the end.
With its faster animations and new file system, iOS 10.3 was already worth downloading, but this is yet another reason to upgrade. Just be sure to back up your files first.