MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
bug
Recherche

Apple Passwords App Bug Left Users Vulnerable to Phishing Attacks for Months Before Being Fixed

mercredi 19 mars 2025, 10:10 , par MacRumors
Apple Passwords App Bug Left Users Vulnerable to Phishing Attacks for Months Before Being Fixed
Apple fixed a bug in its Passwords app with December's iOS 18.2 update that had left users vulnerable to phishing attacks in the three months since the launch of iOS 18.

According to an Apple security update spotted by 9to5Mac, the Passwords app was sending unencrypted requests for the logos and icons associated with users' stored passwords.

Without protections of encryption, an attacker on the same Wi-Fi network could redirect a user's browser to a clone phishing site where login details could be stolen. The vulnerability was first discovered by developer Mysk's security researchers and reported in September.

Apple's iOS 18.2 security release notes described the bug like so:

Impact: A user in a privileged network position may be able to leak sensitive information

Description: This issue was addressed by using HTTPS when sending information over the network.

Apple lists the bug in security content updates for the Mac, iPad, and Vision Pro, indicating that this issue was fixed across multiple OSes.This article, "Apple Passwords App Bug Left Users Vulnerable to Phishing Attacks for Months Before Being Fixed" first appeared on MacRumors.comDiscuss this article in our forums
Lire la suite sur MacRumors
https://www.macrumors.com/2025/03/19/apple-passwords-app-phishing-vulnerability/

Voir aussi

bug Apple blasts EU antitrust regulators upon being ordered to open up to rivals Mac Daily News19 Mar
apple The EU is betraying its users and weakening their privacy for political gain AppleInsider19 Mar
passwords Amazon issues record-breaking $1,249 Apple Studio Display deal (save $350) AppleInsider19 Mar
phishing Apple Is Betting on the iPhone 17 Air and iPhone Flip, But Will People Actually Buy Them? TheMacObserver19 Mar
fixed Netflix CEO doesn’t really know why Apple TV+ exists Mac Megasite19 Mar
app Deals: M4 Max MacBook Pro up to $774 off, 24GB M3 MacBook Air $600 off orig. price, Apple Watch bands 47% off, more Mac Megasite19 Mar
security Today in Apple history: The ultra-fast Macintosh IIfx speeds into stores Mac Megasite19 Mar
vulnerable Apple Studio Display Gets Massive $350 Discount on Amazon MacRumors19 Mar
users Apple Studio Display Gets Massive $350 Discount on Amazon Mac Megasite19 Mar
months Apple is triumphing in the Windows upgrade wars Mac Megasite19 Mar
attacks New M4 MacBook Air is great, but MacBook Pro still commands Apple's laptop business AppleInsider19 Mar
left Yes, Apple Releases Updates for Chargers As Well, Releases One for MagSafe Charger TheMacObserver19 Mar
network Yes, Apple Releases Updates for Chargers As Well, Releases One for MagSafe Charger Mac Megasite19 Mar
ios Puerto Rico Banks Now Work With Apple Pay TheMacObserver19 Mar
being Apple says EU interoperability requirements enables unfettered access to the iPhone, risks customer security and privacy Mac Megasite19 Mar
bug EU will allow Apple to make a port-free iPhone Mac Megasite19 Mar
apple EU will allow Apple to make a port-free iPhone Mac Daily News19 Mar
passwords After 9 Months in Space, Stranded NASA Astronauts Return Home Wired: Cult of Mac19 Mar
phishing EU orders Apple to open up access to iOS notifications, allow alternatives to AirDrop and AirPlay on the iPhone Mac Megasite19 Mar
fixed EU will force Apple to totally expose its iPhone features to all who ask AppleInsider19 Mar
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
mer. 19 mars - 18:54 CET