The iOS 15 and iPadOS 15 updates that were released today add improved anti-spoofing models for Face ID, further improving the security of facial recognition on the iPhone X and later and the iPad Pro models.
According to Apple's security support document for the updates, there was a Face ID vulnerability that could allow a Face ID iPhone to be unlocked and authenticated using a 3D model constructed to look like the iPhone's owner.
Apple says that this issue has been resolved through improvements to the Face ID feature, which is available on the iPhone X, iPhone XR, iPhone XS (all models), iPhone 11 (all models), iPhone 12 (all models), iPad Pro (11-inch), and iPad Pro (3rd generation).
There are a number of other security fixes included in the iOS 15 update, but none of the exploits were listed as being used in the wild. There was an issue with the Neural Engine that could allow an application to execute arbitrary code with system privileges on devices with a Neural Engine, and a CoreML bug could let attackers cause unexpected application termination or arbitrary code execution.
Apple also addressed issues with FontParser, Preferences, Siri, WebKit, and WiFi, all of which are outlined in Apple's full security document.
For those not particularly interested in the feature set that iOS 15 offers, it may still be a good idea to upgrade just to get the full suite of security fixes that Apple has deployed.
Top Rated Comments
1. It’s a capacitive sensor. So even if someone cut off your finger and placed it on the phone it still wont unlock…needs electricity from your body
2. Unless the KGB or Jack Bauer is trying to get some info on your phone, this is an utterly absurd scenario. Stealing someone’s phone and cutting someone‘s finger off are on the complete opposite of the spectrum in terms of crime.
People who steal phones are looking to sell it to make money. They aren’t looking to go to prison on a mayhem assault charges for your ~$1,000 smartphone
Seriously, stop watching TV and trying to cast all criminals on the same level. People don’t just cut fingers off because they want to see your emails.
Try critical thinking