iOS 14.5 to Make Zero-Click Attacks 'Significantly Harder'

Apple's impending iOS and iPadOS 14.5 update will make zero-click attacks considerably more difficult by extending PAC security provisions, according to Motherboard.

14

Apple has made a change to the way in which it secures its code in the latest betas of iOS 14.5 and iPadOS 14.5 to make zero-click attacks much harder. The change, spotted by security researchers, has now been confirmed by Apple and is slated to be included in the final update.

Zero-click attacks allow hackers to break into a target without the need for victim interaction, such as clicking a malicious phishing link. Zero-click attacks are therefore considerably harder for targeted users to detect and are considered to be much more sophisticated.

Since 2018, Apple has used Pointer Authentication Codes (PAC) to prevent attackers from leveraging corrupted memory to inject malicious code. Cryptography is applied to authenticate pointers and validate them before they are used. ISA pointers instruct a program about what code it should use when it runs on iOS. By using cryptography to sign these pointers, Apple is now extending PAC protection to ISA pointers.

"Nowadays, since the pointer is signed, it is harder to corrupt these pointers to manipulate objects in the system. These objects were used mostly in sandbox escapes and zero-clicks," security firm Zimperium's Adam Donenfeld told Motherboard. The change will "definitely make zero-clicks harder. Sandbox escapes too. Significantly harder." Sandboxes aim to isolate applications from each other to stop code from a program interacting with the wider operating system.

While zero-clicks will not be eradicated through this change, many of the exploits used by hackers and governmental organizations will now be "irretrievably lost." Hackers will now need to find new techniques to implement zero-click attacks on iPhone and iPad, but the security improvements to ISA pointers are likely to make a significant impact on the overall number of attacks on these devices.

Related Forum: iOS 14

Top Rated Comments

Skika Avatar
21 months ago

if only they made zero-click Siri interactions easier
Why the negative/cynical spin on everything?
Score: 19 Votes (Like | Disagree)
_Spinn_ Avatar
21 months ago
More great security improvements. I'm glad Apple is keeping up these kinds of updates.
Score: 13 Votes (Like | Disagree)
macsplusmacs Avatar
21 months ago
always good to hear they are staying on top of things like this.
Score: 9 Votes (Like | Disagree)
farewelwilliams Avatar
21 months ago
if only they made zero-click Siri interactions easier
Score: 6 Votes (Like | Disagree)
I7guy Avatar
21 months ago
I like how Apple just does these stealth improvements and then wham, forces some big change somewhere.
Score: 4 Votes (Like | Disagree)
Apple_Robert Avatar
21 months ago

When do we expect it to release?
Whenever 14.5 is released.
Score: 3 Votes (Like | Disagree)

Related Stories

iOS 15

Apple Seeds Fifth Betas of iOS 15.4 and iPadOS 15.4 to Developers [Update: Public Beta Available]

Tuesday March 1, 2022 10:04 am PST by
Apple today seeded the fifth betas of upcoming iOS 15.4 and iPadOS 15.4 updates to developers for testing purposes, with the new software coming one week after Apple seeded the fourth betas of iOS 15.4 and iPadOS 15.4. Developers can download iOS 15.4 and iPadOS 15.4 through the Apple Developer Center or over the air after the proper profile has been installed on an iPhone or iPad. iOS...
iOS 14 vs 15 feature

Apple Says Option to Stay on iOS 14 Was Always Meant to Be Temporary

Wednesday January 19, 2022 9:57 am PST by
Last week, MacRumors shared news that Apple had stopped releasing iOS 14 security updates and was pushing those still on iOS 14 to upgrade to iOS 15, an apparent reversal of a promise to allow users to stay on the iOS 14 operating system. Apple today told Ars Technica that the option to stay on iOS 14 and avoid the iOS 15 upgrade was always meant to be temporary. It is not a mistake that...
apple bitcoin hack

22-Year-Old UK Citizen Arrested for 2020 Twitter Hack Affecting Apple

Wednesday July 21, 2021 10:47 am PDT by
The United States Justice Department has continued pursuing those responsible for a 2020 Twitter hack that saw the accounts of high-profile companies and individuals hacked as part of a Bitcoin scam. Several people have already been arrested and charged for the attack, and the DoJ today announced (via The Verge) that 22-year-old Joseph O'Connor, aka "PlugWalkJoe," has also been arrested....
iOS App Store General Feature JoeBlue

U.S. Bills Allowing Sideloading Would Cause Consumers to Be Hit With 'Malware, Ransomware, and Scams,' Says Apple

Tuesday January 18, 2022 11:42 am PST by
U.S. bills that would require major changes to the App Store would ultimately cause consumers to be targeted with malware, ransomware, and scams, Apple's Senior Director of Government Affairs Timothy Powderly said in a letter that was sent today to the Senate Judiciary Committee and that was obtained by MacRumors. Apple sent the letter as the Judiciary Committee prepares to consider the Amer...
iOS App Store General Feature Orange

Apple Seeds Second Betas of iOS 15.4 and iPadOS 15.4 to Developers

Tuesday February 8, 2022 10:04 am PST by
Apple today seeded the second betas of upcoming iOS 15.4 and iPadOS 15.4 updates to developers for testing purposes, with the new software coming two weeks after Apple seeded the first betas of iOS 15.4 and iPadOS 15.4. Developers can download iOS 15.4 and iPadOS 15.4 through the Apple Developer Center or over the air after the proper profile has been installed on an iPhone or iPad. Apple...
appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
powerdir exploit microsoft

Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

Monday January 10, 2022 9:17 am PST by
Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data. Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the...
tmobilelogo

T-Mobile's Latest Data Breach Linked to SIM Swap Attacks

Wednesday December 29, 2021 10:15 am PST by
Back in August, T-Mobile suffered a massive data breach impacting more than 50 million current, former, and prospective T-Mobile users, and now the cellular company is dealing with another smaller data breach incident. Reports yesterday suggested that T-Mobile was aware of unauthorized activity affecting some customer accounts, and now, T-Mobile has confirmed that those reports were due to...

Popular Stories

AirPods Max 2022 Colors

Ten Things AirPods Pro 2 Tell Us About AirPods Max 2

Saturday September 24, 2022 1:00 am PDT by
Upon the release of the second-generation AirPods Pro, the AirPods Max became the oldest current-generation AirPods product still in Apple's lineup. Introducing several new features like Adaptive Transparency and the H2 chip, the second-generation AirPods Pro may provide some of the best indications yet of what to expect from the second-generation AirPods Max. Almost two years later, rumors...
apple watch series 7 aluminum colors yellowbg

Don't Want the Apple Watch Ultra or Series 8? Amazon Has Record Low Prices on Series 7 Models This Week

Friday September 23, 2022 6:56 am PDT by
The Apple Watch Series 8 and Apple Watch Ultra are now available to purchase, but if you aren't interested in these updates you can save a lot of money on Series 7 models right now on Amazon. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. The best deals are on cellular...
iOS 16

Apple Releases iOS 16.0.2 With Bug Fixes for iPhone 14 Pro Camera Vibration, Copy/Paste Issue and More

Thursday September 22, 2022 1:04 pm PDT by
Apple today released iOS 16.0.2, addressing a number of bugs that iPhone 14 owners have been experiencing since the new devices launched. iOS 16.0.2 comes two weeks after the launch of iOS 16, and it follows iOS 16.0.1, an update made available to iPhone 14 owners on launch day. The update is available for all iPhones that are capable of running iOS 16. The iOS 16.0.2 update can be...
14 vs 16 inch mbp m2 pro and max feature 1

New 14-Inch and 16-Inch MacBook Pros Reportedly Launching Later This Year

Friday September 23, 2022 7:08 am PDT by
Apple plans to release new MacBook Pro models in the fourth quarter of 2022, according to supply chain publication DigiTimes. The report does not mention specific models, but it very likely refers to the next-generation 14-inch and 16-inch MacBook Pros given that the 13-inch model was already updated earlier this year. There has been uncertainty surrounding the timing of new 14-inch and...
Tim Cook Apple Event

Gurman: New iPads and Macs May Be Announced Through Press Releases, No October Event

Sunday September 25, 2022 6:50 am PDT by
Apple may decide to release its remaining products for 2022, which include updated iPad Pro, Mac mini, and 14-inch and 16-inch MacBook Pro models, through press releases on its website rather than a digital event, according to Bloomberg's Mark Gurman. In his latest Power On newsletter, Gurman said that Apple is currently "likely to release its remaining 2022 products via press releases,...
Dynamic Island For Android Users Feature

Android App Copying iPhone 14 Pro's Dynamic Island Released on Play Store

Thursday September 22, 2022 7:57 am PDT by
A copycat version of the iPhone 14 Pro's Dynamic Island has arrived on Android's Google Play Store in the form of an app called "dynamicSpot." The app, still in beta, offers customers several different experiences at the top of their smartphones. In its current form, dynamicSpot offers playback control for songs, timers, battery status, and more features coming soon, according to the app's...
AirPods Pro Second Generation 2 Pairing Feature 1

AirPods Pro 2 Engravings Appear in iOS During Pairing and Connecting

Friday September 23, 2022 9:40 am PDT by
Customers who personalize their second-generation AirPods Pro charging case with an engraving will now have that engraving reflected directly on iOS as they pair and connect their AirPods Pro. Apple allows customers to personalize their AirPods Pro charging case with a special engraving that can include select emojis and Memojis. Unlike before, starting with the second-generation AirPods...
Apple Watch 6 New Features Feature 2

Six New Apple Watch Features Coming Later This Year

Friday September 23, 2022 8:12 am PDT by
With new Apple Watch Ultra and Series 8 models now in the hands of customers, Apple has brought a host of smart new features to many people's wrists. But there's more to come. Apple has a handful of additional features in store for Apple Watch Series 8 and Apple Watch Ultra owners before the year's end, and some of them are watchOS 9 functions, which means they will even work on older Apple ...
new airpods pro ear tips

Apple Explains Why Second-Generation AirPods Pro Ear Tips Are Incompatible With Original AirPods Pro

Thursday September 22, 2022 3:12 pm PDT by
Apple today explained why the new silicone ear tips for the second-generation AirPods Pro are not officially compatible with the original AirPods Pro. In an updated support document, Apple said the original AirPods Pro ear tips have "noticeably denser mesh" than the second-generation ear tips. Apple did not provide any additional details, but the mesh density could result in acoustical...