iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update.

appleprivacyad cleaned
With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of security vulnerabilities patched in that update. Apple maintains a list of security fixes and occasionally updates them with new entries once an investigation of a specific security vulnerability is completed.

Released in September, iOS and iPadOS 15 introduced "additional sandbox restrictions on third-party applications" as a patch, and Apple credits developer Steve Troughton-Smith for assisting it in finding and patching the vulnerability.

Impact: A malicious application may be able to access some of the user's Apple ID information, or recent in-app search terms
Description: An access issue was addressed with additional sandbox restrictions on third-party applications.
CVE-2021-30898: Steven Troughton-Smith of High Caffeine Content (@stroughtonsmith)
Entry added January 19, 2022

Apple does not offer any indication that this particular exploit was actively used in the wild.

In addition, iOS 15, iPadOS 15, and watchOS 8 also patched a security exploit that could allow a third-party app to bypass Privacy preferences. Apple does not provide any more information as to the specifics of the exploit and does not indicate it was actively used.

Apple also updated its security content pages for iOS 14, iOS 15.1, tvOS 15, tvOS 15.1, macOS Big Sur 11.6.1, macOS Big Sur 11.6, and more with newly disclosed security vulnerabilities for each of the updates.

According to Apple, iOS 15 is installed on more than 72% of all iPhones released in the last four years, with iPadOS 15 adoption lower at 57%. Adoption of iOS 15 is considerably lower than iOS 14, which was installed on more than 80% of all iPhones released in the last four years. Even iOS 13 experienced faster adoption rates than iOS 15 as it was installed on 77% of iPhones by January of 2020.

With the newly disclosed security exploits patched in iOS 15 and iPadOS 15, and iOS 15.1 and iPadOS 15.1, users are strongly encouraged to update to the latest iOS and iPadOS versions. The newest released versions are iOS 15.2.1 and iPadOS 15.2.1, while Apple has seeded iOS 15.3 and iPadOS 15.3 betas to developers and public beta testers.

Apple in June said that it would give users a choice when iOS 15 launched as to whether they would wish to update to the newest version or continue to receive iOS 14 security updates. The latter option is no longer available, as Apple is now more aggressively pushing users to update to iOS 15, with users still running on iOS 14 no longer receiving standalone security updates.

Apple says the option to remain on iOS 14 and continue to receive security updates was always meant to be temporary.

Related Forum: iOS 15

Top Rated Comments

TheFluffyDuck Avatar
28 months ago
Having servers in China, and some big brother AI photo scanning nonsense to "save children" is also a massive security hole as well. Might want to patch those as well.
Score: 16 Votes (Like | Disagree)
macguru212 Avatar
28 months ago
totally OT but i misread the text as "Pricey. That's iPhone."

I need glasses.?
Score: 14 Votes (Like | Disagree)
jdavid_rp Avatar
28 months ago

Oh boy.

If the New AMD graphics chip with Ray Tracing used in Samsung Galaxy S22 phones and future phones turns out to be AWESOME I won't have to deal with IOS 15 other than an iPad.
Yeah, im sure 30 minutes of raytracing gaming at 30FPS until the battery dies its the best thing ever that I would use everyday too.
Score: 11 Votes (Like | Disagree)
Alfred.Woodden Avatar
28 months ago

Well that statement right there pretty much blows a whole in their entire App Store-Is-A-Safe-Walled-Garden narrative.

If crap like this can get through as the App Store currently exists, I’m all for side loading apps from other sources since the security of the App Store is not what we’re led to believe.
Sideloading would probably increase it by a magnitude, maliciously, not by mistake which is the case here.
Score: 10 Votes (Like | Disagree)
contacos Avatar
28 months ago
the lack of transparency from Apple is sometimes really astonishing
Score: 10 Votes (Like | Disagree)
spartan1967 Avatar
28 months ago

It boggles my mind why people don't update their software. In today's world, security flaws should be the number one reason to update.
That’s why Apple needs to continue to update 14.
Score: 7 Votes (Like | Disagree)

Popular Stories

iPhone 16 Camera Lozenge 2 Perspective Gray

Five Key Upgrades Coming to iPhone 16

Friday March 15, 2024 1:45 pm PDT by
The iPhone is Apple's top-selling product, and it gets an update every year. In 2024, we're expecting the iPhone 16 and iPhone 16 Pro lineup, with an arguably more interesting feature set than we got with the iPhone 15 and iPhone 15 Pro. Subscribe to the MacRumors YouTube channel for more videos. Capture Button All four iPhone 16 models are set to get a whole new button, which will be...
iphone se 4 modified flag edges

iPhone SE 4 Expected to Depreciate Heavily

Tuesday March 12, 2024 9:04 am PDT by
Resale value trends suggest the iPhone SE 4 may not hold its value as well as Apple's flagship models, according to SellCell. According to the report, Apple's iPhone SE models have historically depreciated much more rapidly than the company's more premium offerings. The third-generation iPhone SE, which launched in March 2022, experienced a significant drop in resale value, losing 42.6%...
apple wallet drivers license feature

Apple Said iPhone Driver's Licenses Would Expand to These 8 U.S. States… Two Years Ago

Thursday March 14, 2024 7:33 am PDT by
In just four U.S. states, residents can add their driver's license or ID to the Apple Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports, businesses, and venues. Adoption of the feature has been slow since Apple first announced it in September 2021, with IDs in the Wallet app only available in Arizona,...
airpods 3 orange

Two New AirPods 4 Models Expected to Launch in September or October

Sunday March 17, 2024 7:56 am PDT by
Apple suppliers will begin production of two new fourth-generation AirPods models in May, according to Bloomberg's Mark Gurman. Based on this production timeframe, he expects the headphones to be released in September or October. Gurman expects both fourth-generation AirPods models to feature a new design with better fit, improved sound quality, and an updated charging case with a USB-C...
When To Expect New iPads Feature 1

Apple to Announce New iPads on March 26, Rumors Claim

Monday March 18, 2024 4:02 am PDT by
Apple is widely expected to release new iPad Air and OLED iPad Pro models in the next few weeks. According to new rumors coming out of Asia, the company will announce its new iPads on Tuesday, March 26. Chinese leaker Instant Digital on Weibo this morning 日发布%23">claimed that the date will see some sort of announcement from Apple related to new iPads, but stopped short of calling it an...
OLED iPad Air

iPad Air Next on Apple's OLED Tablet Roadmap Following iPad Pro

Friday March 15, 2024 3:30 am PDT by
The iPad Air will be the next Apple tablet to adopt OLED display panel technology following its upcoming OLED iPad Pro models, according to an updated forecast from research firm Omdia (via The Elec). "In 2028, we expect the iPad Air to go OLED as well, with the iPad Air using single-stack and the iPad Pro using two-stack tandem OLEDs," said Omdia researcher Kang Min-soo, speaking on...
Walmart MacBook Air M1

Walmart Begins Selling MacBook Air With M1 Chip for $699 in U.S.

Friday March 15, 2024 6:57 am PDT by
Walmart today announced that it has started selling the MacBook Air with the M1 chip in the U.S., with pricing set at a very reasonable $699. The laptop can be ordered now on Walmart.com, and it will be available soon at select Walmart stores. This is the first time that customers can purchase a Mac that is sold directly by Walmart, the company said in a press release. Some other retailers...