iOS 10.3 Fixes Exploit That Caused iPhones to Repeatedly Dial 911
iOS 10.3, released earlier this week, fixes a major vulnerability that could cause iPhones to repeatedly dial 911, reports The Wall Street Journal. In the United States, 911 is an emergency telephone number that summons police, fire, and EMS services.
The 911 security flaw surfaced in October after an 18-year-old iOS developer in Arizona discovered and published code that would cause an iPhone to dial 911 over and over again. The teenager was arrested after the 911 system in Surprise, Arizona was overwhelmed with more than 100 hang-up calls in just minutes.
Because the code was published online, thousands of accidental 911 calls were placed across the United States, demonstrating an effective cyberattack method that could severely disrupt emergency services.
The code exploited an iPhone feature that allows users to click on a phone number in a text message or on a webpage and immediately dial that number. With the iOS 10.3 update, iPhones always require secondary confirmation before automatically calling a number using that method.
Apple says the update supersedes that capability and now requires users to always press a second confirmation before initiating a call.
Apple says it initially worked with app developers to fix the vulnerability, and this update will now prevent it from happening even on apps that hadn't already fixed the issue.
iOS 10.3, which introduces features like Find My AirPods and a new Apple Filesystem, also includes dozens of major security fixes. Another major iOS 10.3 bug fix, which could result in endless Safari pop-ups that "locked" the Safari app, was outlined earlier this week.